last executing test programs:

35.526481349s ago: executing program 2 (id=1246):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000c80)={'batadv_slave_1\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000d40)={&(0x7f0000000000)=@ipv4_newaddr={0x48, 0x14, 0x509, 0x0, 0x25dfdbfd, {0x2, 0x18, 0x0, 0xcb, r2}, [@IFA_LOCAL={0x8, 0x2, @remote}, @IFA_FLAGS={0x8, 0x8, 0x10}, @IFA_ADDRESS={0x8, 0x1, @loopback}, @IFA_LOCAL={0x8, 0x2, @rand_addr=0x64010102}, @IFA_RT_PRIORITY={0x8, 0x9, 0x31}, @IFA_RT_PRIORITY={0x8, 0x9, 0x4}]}, 0x48}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00'})
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[], 0x70}}, 0x0)

35.442889786s ago: executing program 2 (id=1248):
r0 = io_uring_setup(0x1de0, &(0x7f0000001040))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0x1c, 0x20000048, 0x0)

35.394524619s ago: executing program 2 (id=1250):
unshare(0x22020600)
r0 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, 0x0, 0x0)

35.333578764s ago: executing program 2 (id=1251):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(&(0x7f0000000580)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x1b5008, 0x0)
mount$bind(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x84000, 0x0)

35.331587683s ago: executing program 2 (id=1252):
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
getsockopt$rose(r0, 0x104, 0x2, 0x0, &(0x7f0000000040))

35.032515244s ago: executing program 2 (id=1258):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/sync_on_suspend', 0x242, 0x64)
write$tcp_mem(r0, &(0x7f000003eec0)={0x7fffffffffffffff, 0x20, 0x1, 0x20, 0x2}, 0x48)

34.876480903s ago: executing program 32 (id=1258):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/sync_on_suspend', 0x242, 0x64)
write$tcp_mem(r0, &(0x7f000003eec0)={0x7fffffffffffffff, 0x20, 0x1, 0x20, 0x2}, 0x48)

2.244183971s ago: executing program 3 (id=1514):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x6, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x4}, [@ldst={0x5, 0x3}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2}, 0x48)

2.143437352s ago: executing program 3 (id=1515):
syz_usb_connect(0x2, 0x546, &(0x7f00000005c0)=ANY=[@ANYBLOB="12010000872de608110f0020bcc7010203010902340501000000000904"], 0x0)

1.953606017s ago: executing program 1 (id=1522):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="0a000000020000000200000004"], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180), &(0x7f00000001c0), 0x8, r0}, 0x38)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x15, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000047b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000100850000000100000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000bc0)={r2, 0xfffffffffffffe08, 0x0}, 0x10)

1.883501409s ago: executing program 1 (id=1523):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000604000000002e"], 0x0, 0x37}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x3, 0x0, 0x5, 0x0, 0x0, 0x0, 0x3}}, &(0x7f0000000080)='syzkaller\x00', 0x8, 0x0, 0x0, 0x41000, 0x2}, 0x94)

1.883155706s ago: executing program 1 (id=1524):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000040)={0x26, 'skcipher\x00', 0x0, 0x0, 'xchacha12-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="adcd1a9a3fc36e961ed00fe41b0cd695", 0x20)
r1 = accept4$alg(r0, 0x0, 0x0, 0x0)
read$alg(r1, &(0x7f0000001540)=""/4131, 0x1023)
sendmmsg$alg(r1, &(0x7f00000091c0)=[{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000004840)="9842c5aa0ce363a37ab0ffd0322436e7b1da123662e559a751820a287ae85b6588c728159bb13d114816abf2ad4a54fc4bf101031d4ce6b24609fc83aca5222109f67094b2b605089b93a78c245c2169753e693646188c46194734b721168de81e6cee77d4e44ffb2f7ae0e4f606ceb373ef44fdfccc654d1e8bdbf0702c1ebe8e6fc2cadc5b6c3fb131cca6fe94623bf4ccbcb0c50078e9b3c8c69c56feeb1e43019aeb96d4098e998ec55af4fcdfb1cac839b7175d9121afefc6383ec4de52ed89d2b0108abd0f56493c521647a9607b1f53c1e0a0a299a7264ad4576499a8ab1b34f739fdf4a35cd84003ed74d103960b02f812b8610f9834505ff0c568f761f1d8064e6e352693bc2a8d0363e911ad662092a04c45ad88e32226f19dfe765aff068d8dc7d7489605d7fba6e7203f4249e9c9379cb3514a429ed98f57b5ac4e0277ab3487a191a1136eaf664ffb94c9bc3ca4f32b9d2304f991727083b74079037da1a93b1528573d0c6fff245b0535f18414ed0ba0705cb681c8e0495bdbfd7c6d486949c0875545c9f36c983e34218b8ccfc5dc931f592c9a551c5a267e741eb9cf0e05ca3b2d0f9b3306e3360bfd3217c7530a019bc00b179379e08d7fd0b04a7124f17d2fa315714fe17a5d0babd5873dd12ebac1cfdb053463ae3947245d52e68609e3472e29d83f71cb4c4b4ee78407c4902d66a467894a5067a159391cd23e868c79976c27d5bf24f0c11cb7129f6cad5b28a5a2e541340b058bf8fa833e60f3ae666d9e2bfbb73f712716db184972ea334052d905164e43aae7ab40bb62e4423f648fdc2510145a9d298cb3f309986541944f69421a73af231694d68e66488756ce17d403cac496a76b681a8b39e08703e267aa626687585a8ae4cc5d061fc62a1ce98708a92e123545a7ccfe7f8b944ffc079052c876988eba482b921f3e85cae42fb200b8beb13dc39cbdde5500e79b4ce48362c7bd4a94cc5577eca9ebaba3063016a1f00d994794016e14ae473d893e9cba7f05e27cff38ec7b6e9f63993e6d6bf39c8104c8c5e92d13e10e18e7fef3960ff5c52e3e5cea8f4de8d21adccd1fc7f469c17e472f196c2172d4ea9c17ae2886336014830243afa68ac2b0f66a6a7eefdf37587bb56607184d441e0096480d93e900521bd919d3320f10826fded69c2b190904c214ad7eb742b4759da34ffdc32d8500d9c2958b7d8cf958079b68270b94d01ed69834c3fbf7210795cd0457faf62abb61951ec5682118c7a75e4c786c815d0c6f789acc2db6273ebc797b672b26e23986c8e193a943aab41336e19d1afe012fc5932383056737126a22eee92843732942687d3c9f3a80ff3bfdc3a32190d2c6e1a5990146fb0096f74c1463e7976ad156f522917edc5c1791fe1194e18472717aba345a77083d65402c5dc7988ef19d5fef435e4cccb11c1db23a20a6ab28cc117468e8c164b02625dd69e0d30bfc3a5ed5aee91c6ce3f8db1946513df882418ee10eee852dc894deb02b3959f5149b07b5fc8a656a34cb28e4dd76366b29721e682468bab617d4139d447a03b564596b646de79a8a803a01163bbc2599ecaaf19bdf4d9d1df8a6b32f410a0d4dc8db2362912f46395714b5fb3ba282f5ae692d88acf9deb29303fae7b1257d83cfa0b75724da88909a697d2008578d3c3a3cd6af549587b3dc10f5a7864bdf3572b053db28fa116bb0be693939c2edf3070ad1add198c7d91a07021d656d0588172a216b8a665e4d1bc6c114369c6b90c67c069c9cef90fe67f1678d05a1e6aafb0a00350360ed9747c22f245c10c8514da3da228b003ca2cc98b76996bd836e687260dec9dfd46b505cca2b0e7f81c3189682f2d61dfecbb4218219b601d143dafe41c7ce895d249161d34b1c1fd6dbfadd60f0e30f6c73831cca1c7bec6bfc9a67ce08f771518dd1f4a2326439e4c533ab8884d08e5a6f741d52af3fc2ef85ad6fad354a86d760cdee111dae31ea45a54390896aa97d8b5858aafd09ce8c8248ca42475bde09ef3402e1d084dd3e868792b565d5dc1d3c05370dcd1dcc85123d14ff6c3bd221810be4ab5dce92dfaf534949879f23f13273468c6d9034b917ae699fef733ab9e0a0c2654e95d2ef639486a3bb38b81c868bd7403c7b62c24ec94d45e82f45333ab27a27482b20a0e8dac09e23b808c824aab1e51e0e84543b7b8f0b585e2b3bbda208967a0db84d55354a18fadf10dbd50248a9df8ef516eb956f8ba58454f95be2451f93ae988643b555b9762246919a89d18e3113b5adc77859cca34f2fdc1d8fa0ce043c229894c9acdc36f0b9d601b4f6d10b123745e1009281376eedfa3e684f3699017cba72c73c51bb24cfb3a0f5ab9f3d570826fee0acf98d14cf14b257813d88744039b5f4673266af169520c348a0264b8892a2e0f2f6224c70669e77064e4889426571bd2eafdfb9d8ef1a28be14ed68dbdfa78b76acdab7e65d49472842c710132a6780dbf24ce852ec4de49baa17731356be044bdec896c148b7f009f74894099efc8aa0fd9a7eb7f9104aa721ad940b5512992d9cc61eca7378e313ea1ee0fb785b454c3dddf0260456c4a425fce81240658056b6a3603e5df69cc35cdf7bfa86dd689c0b28941452604c4ad325359542814db58abcd60fddd95db9f6ea41dc06fa6a537b58a48cd2a9b6470a64c2c0900007298aa516c524265e7e22e08a94fb5e78838557546cb8ae5fea69ed9ad2c0957108031f4581f44401c8f7bc5c2de320db409ddc9c804297ce219db974e03dd41dc36f2ad800a36614667b055f304ec54e6877c7b1a7dfdabbc9b68d0a78c813e16a64fa659139bd0839dcc21e522185eb1c0017843472b6a2f2264c969c957332c2224d2af1412150c66c2ef4b29add51b9b1b3a4b4fe4eeefdd61515191bdb118a0d386ca03804f4f605f03f73bba95ce2b53cea0ffde7bf70817b539a1226c5e53bb118aa07a5182af3bbcfd776d5ec2411ef5b7cc4e9cddcffd8413d48502aad843b6ec84f05da7493fe45d57d1d42ecd943c49e34888a42d8046f9517818a76abda83df4974b14dc2171c1016c64b202369b6f19a266e075db0d6a18090cd032809ac4ec79bf47f7e1885211675eb2a7f2665d71b7e1690f90b710af55c7aa8e4ec0b799ed2389c26dadb0d740680f9fa60e3ae02575de6718d3da4114e58cfa0e5b4ace5472af262b80ac5ea8f4f322588ca18312e68a77633ca45510132e5a915e698e6c938df7a9b8cd0528ada6529d264bf12056af0ecb7b686547acf48dbfd230b5375553c465f587b8ad90ac069c7115cba60c308e46dcc1f1b461f09bc6c224859450f0238918e7e029202b731230405f7ec40c24167ce25967a20caeca8b0a333b4f2c52594e1df3ad3f1274703f267d899acfc22270a9be8164bdfb3f70d3817179b7561b900e7f15dcec8549c0188360e18d749ab2a5d76961c01c384a713e836eacbe6d8ab5c7fe82cd82bbd1effae14e5c7a4b3adc8a3642b76e7563542b078380c7b3be778045faff6008879de23541a4201e99a6c0e7c300a9e112508d560d67fc7fc22380389d1dd27f4516c5b443293dffd8bca5b5b9853516b09bf5d33f75f64d361ae652c41d0c146952930b4ead599ef7bc9a46f4e498f02d20826276be5f54ce7054ca3e3470f8ca403e50e3f0bc951d8208e6c436ebbce584a19c29a9fcb02c0eda40763202040a194fffb37364ece2d24f1345525055c15452747b2acf035196902e733d27e915caef222b2c9db3aadfdbb4b5dfe60b4a32b6ccd90b1ed629bc54545f9001b9d070b1fd7871cf0b453120eb64309796d46092d4e390c921982a03263ba2ef01e006cfcb613eaa32816f4ada996b1139a866d04898878c6ea882be5e65004b9acf469cb3abb1011ead0fff98fd65bd08468c252d4a1dd591ef9b032599c53745502c02f446834309d9ea2c9d08dfae7d44219074fc3b0ab651fa13f47861779b742253d73c4f06ad5dd560ae0d425bccdbf34fc685110b074fcf0cf246849aa73b0d45f830ddd7333f1f953a473832cc3388a4a0f01a2c4d316c2afde9e69f785e78a78816a11d3954711eed7ec0c3507d9875e37dbb2d1da9e80aecb997ff7691b274b91379e64a7bc6ee3d22f0fcfa19caf24475ff82934b538d6c50cc7c571105d8c30d5741fb981b70c654eb56d3ee661502fd9bfae7e3255a5116e752d7e723df56e107a73613e191b532da7d6a1c23420ef7c387e840850c79ed1deb406015e07b186ab9fd086714230c503fcc7e40c8166af1cc911d2c25cc8572bf7d20c9ed06babeb88847b70474f5b60d81c68ebf719104f0cdbfa1d8bf6a8b9b805d3f12eec176864592dc2056bbd6d6daff9f29e76803f2c524de2b6bad6d5ae35abe38817ab52f94be10b6cff2f075ad07b86353602d4da956bf48225829b787e3093cf7da3e1a04f9e721e4831f0d4004444be70e1cee53444ad3d30a7ae52cb31093c480d74a24da442effd152981c971414eb6762dea4bac0911c7193f9c74a482be64532949015544a51934c7951ebb2a2026cfa176dfa726be6f856ff60ed3e55c8866278ddca2238afa3673d142c39984a71b01b08cca41014f25ac38334fb457d2b857722c82c39c259d319258316e2b9763730d3b96cbb63b31e1a104d204e30883a0d01d23e079a0d1d1983ddc3aed09773e050a24add3027d4b7ed88865a10a03b37723cfa7c622a7bc533e73d87bb665dd52ed8412a8557077196219c42d59869129fc5147728c15a75917f8feb82af40470f3fb14640953a45c5d90abcb9d6a3372783835c41020696fba9837e3922e4f46bff0deb9a45faba7162682b883604ca4c38a4e8d1256647b12ff2e728d59bde99f3d74675846bf9c329ed1c55c94ea60dc4500ad854a4602d5ffef92c00617fd60c4052243832b4c7ca834ac8b38a236bef096fdab7bbb77cf96311c383a37012c5c51ef247a2ddced6a0f2bbc467fa96dfaae14305ef54dd5e374fcb6cbe18c28655889a8ec62a3a3b6bd9e010c822d8ff2a23005f19f2087652333bdc8321e0372c9f2e715ff4f0b7ad1a8fe84eb9f4324400101a953ec410da9551d4281388073974698005cc2559d7a89016205aed85ec7436e596c3efe6e9a2bdc7550a2fcbfad0fcab80d7965b6c96964167c89ec644363bf692bc0c54888c4dbec770e6c95c32b6dc9d96f43acc624fafb92a87382f6497612cd5aa109c4f839c28c9ef1a5410864e7059a27f587451ddf5308caaaa974975fa09018b8d407c7316e80ccd0c7263020c2c53269ce6c35a2a6669bd3e24d5433572c91c167a48e5a1dd77b6c2ec6a559ce86a8d9d37929addc84a66e4c4e044dfbf74e2fb9c5a2ea31cb56760c752d70fb6af257a2d84fdf14e3e16c0a72be7082805eced7e36ea28262d4b5b012b674e7aef36dc2ab99e4550ec127fdc4285ae74213a5ff79c3ff35776a84258f26ade2873cf6657b0e75b5aeba4310bde3ca93b4f3c3c811ec756f4044a315037550fa71110252a2af7d466dc6dd384ee19b504b55a0a3d3e1a21b87ae9a3745e00be804482be992c88f649ade145ce5d3291d17e21b277d89d84d802d862a4cb9ee2b2f7366361e7ecaec89f03918ce1e0b401c9225adb23922504704df0fb2c73bbcfe21c3837172fba3e6b80195d8469a8f7d5d6a4c619a84e86657798c87ac00db6e53137aea05dbfee061c9f9401d09d5e085d64c60d3e7967bc21ad6a495c4ea2d961ff4155a8c4a0d10572492c07473d069e1e9", 0x1000}, {&(0x7f00000000c0)="dd75a7e68f4ef5eabdff29937a621b11d941526bb35c8d71ebb744248afbe5d1e6816b", 0x23}], 0x2, &(0x7f0000000780)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x2804c044}], 0x1, 0x40001)

1.773071685s ago: executing program 1 (id=1525):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000380)='./file0\x00', 0x2000002, &(0x7f0000000340), 0x9, 0x558, &(0x7f0000001a80)="$eJzs3c9vHFcdAPDvjH8mdeoEeoAKSIBCQFHW8aaNql5oLiBUVUIgDohDauyNZbLOBntd1cYS7t8AB67wJ3BA4oDUEwduHJE4IKRyQApggWIkkAbN7NjZJLvtut4f1e7nI41m3szufL8vzsx7+7yeF8DEuhIRBxExGxFvRcRiuT8pl3i9teSve3S4v3p0uL+aRJZ95x9JcTzfF23vyT1XnnM+Ir79jYgfJG0B51qr7d29eyv1em2r3L3U3HywtL27d31jc2W9tl67X63eWr5149Wbr1T7VtfLm796+PWNN77729989v0/HHz1x3laC+Wx9np8FNNd9reqPnMS5/i1b5wl2MfIVLmeHXEefDRpRHwiIr5QXP+LMdX1fzIAMC6ybDGyxfYyADDu0mIMLEkr5VjAQqRppdIaw3shzqf1xnbz2t3Gzv211ljZxZhJ727Uazcuzf3pR0WPYSbJy8vFseJ4Ua4+Vb4ZEZci4mdz54pyZbVRXxtdtwcAJtpzT7X//55rtf89SAaeHAAwOPOjTgAAGDrtPwBMHu0/AEyeHtr/8pf9BwPPBQAYjlN8/k8HmQcAMDzG/wFg8mj/AWCifOvNN/MlOyqff7329u7Ovcbb19dq2/cqmzurldXG1oPKeqOxXjyzZ/PDzldvNB4svxw77yw1a9vNpe3dvTubjZ37zTvFc73v1GaGUisA4INcuvzeH5OIOHjtXLFE21wO2moYb71/n2fOHQHGTNtD/Ez8AxPGRQ+Tq/ce/e8HmgcwOh0f5j3fcfNJPz9FEN8zgo+Vq5/uffzfHM8wXvw9L0yuqYjWxH6nMjeQXIDhOv34vx4DjIssSyLLzp2UsiybbS8AAOPnDN/ozX7Sjw4IMHJJa+n6fO++/P4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAxsxCRPwwkrRSzuy5EGlaqURciIiLMZPc3ajXbkTE83E5Imbm8vLyqJMGAM4o/Vs591dcXXxp4emjs8l/isn+Z/PWv9y3tZzv/+fJ/rnW2yOqj993hnkFAYA+e2el2dyqluu2D/KPDvdXj5dh5vPwdvyvnIr4Qhzurx6dxJ+O6WI9X/Qlzv8rKcutuUhfjIipPsQ/eDciPtWp/kkxNnKxnPm0PX6UsS8MNX76RPy0ONZa552vT/YhF5g0792OiNc7XX9pXCnWna//+eIOdXYPb7dOdlTe+44O92eP4x/f/6Y6xM+v+Su9xnj5d998Zme22Dr2bsSL0yfx56Pt/nMcP+kS/6Ue4//5M5/76de6HMt+EXE1nqj/6uMIj7eWmpsPlrZ3965vbK6s19Zr96vVW8u3brx685XqUjFGvXQ8Uv2sv7927fluueX1P98l/nzH+s+evPdLPdb/l/996/uf/4D4X/lip/hpvNAxfkveJn65x/gr53/ddfruPP5al/p/2M//Wo/x3//r3lqPLwUAhmB7d+/eSr1e2zrTRv4ptB/neWYjT7GvJ+ywMduW/F9isLFOtTHTr3/V6WEnP33SV+zvmb+Xn3HIP4u077U408ajYcUa7X0JGLzHF/2oMwEAAAAAAAAAAAAAALoZxp8ujbqOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjK//BwAA//9FJ7wx")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fchown(r0, 0x0, 0xee01)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, 0x0, 0x0)

1.67382745s ago: executing program 1 (id=1526):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x5ac, 0x25b, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x22, 0x5, {[@global=@item_4={0x3, 0x1, 0x5, "17321748"}]}}, 0x0}, 0x0)

933.823438ms ago: executing program 3 (id=1527):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
mq_open(0x0, 0x0, 0x0, &(0x7f0000000180)={0x8000})
r0 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000040)={r0, r0, r0}, &(0x7f0000001cc0)=""/194, 0xc2, 0x0)

673.70193ms ago: executing program 3 (id=1528):
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000000000)="2d5a8bfaec0503d4ee82255ccc79459d336c02f6846ffa083727a27fef8e41f33ff61428dc81376619b5746876cab40bea6b76e7a18d9f0f45c5f33c3f3e548879927a89cca1b9829ff887d45cae3a0012b8eec038b982c41410eb0cffe4204a0387ae9ad2d2eb6f904feaea4325a355611cfdb7ac6c3495a4bcfa6a2c3285bf50ca4a25c77f383bdb14c2f038ba311fefcbe3d334550fb18a5f462cec0e41bf00e3ef37c78bb0086cbdc72b561eb2e285a15002dbb8b7a858d33bdfef916ce90eca18739db369eb9aa302efdba714da8bbd0baaeb55eb585585542cdfe62755b7dd303c01c44de59f83de2b9edf1e60279b16bc7ee4c277e23701b7d58fdad36e8d91c111be46581f230b4cbbe8b9ad764cd3e067d7b7c5e1082a55c86f7cbc77e049085b2749b2ead86b176e4c8d2498a331f1118c5ed72ab0fc4228c8214e0e48fd1f265ccfd3311eff1f9548d1217c02de43ebc6c896afbf6065592ce3bafbc138524c4ffa429c33265cc8ebfc69e1adf360f97ec2edbab35cdc965dfadfa522a591734e25f91a44023ceeaac091534ec097d7a6f9a8efe84829719e41c101ee103c7b8c6d7fb630da2ffdd692d13e9212539b8484ea7fbccc74ecd6b44e08852505badf79984da7ffd06e78b05b453e89bbeb44fb0e72d527ee63aee52eebf2e4049705c41ead90017d7a512146287226941b20b4a603d1f5d9e6c559d55c5f6de7e9159e121dbbabdcdae8f359f66c218fb24d20c3b56ca3b4a2639b4b54e0775f29c731a3fd33331a76c280df2bea7fb0778648bc55257c42cb1a4ae173a21e33a782943d733e570595aea49f391ced7df117548032f44d611d1fcafe7c08fcca48ef9bb719d41c2cde9eca1727feb7bcc14757316a3fb315eb0adf3b60f5d6cfe231e4dca32f1cd2a74a68e44b1c09471f135d6abf0d7d417a42323923ced88d39902998a177bda4d7ac9e5479f0ae49f5fe51818fa13dd9131d219658ed2de42587f415396aa610998f2b166a053cd272ef751e5447122c03f33800268f63503a237fd62235c65fa995ced4facfc61959a7b64f7ef4bced8cbc10222a18aaee1fcc282163cafc4bf899a7de76ac61499fa1bdf6e6599a9b6e46d202230ee0be421b38ba66b85c7e5cb73e26085f8b62b4141f8728515f12019e1738bc5b278074c56be74033511b21e97a727c8a5f9c186af9777574f52d957082122dcadefe3c376f73a33e41094ad7cd404b50e963a200b57cbf4329e59c5b5a42f8700613e30af94109d5562262792e77df91e7e75c40080f8ca071449bc999762d483c30a4eee68e89be2d138a4b64af3c0211c3540227d85801dc16d1bb669a16b243fa98ef40edb5b5fe05c50f8702434c4d2663e874aec996463c6d946fd1391096b02198e88f5e568300d6c4848b4fe7273af633cc6fbf6a5e37feea56cfc20a0b42a5c6266c805823bac41f8d4eb43c6c4673a4b6a8dd303fe922ade7af649cb21c2919390a9ee62a08131ea21840adc9cc023e2aab908ea6bf2d41e52918ed6423677933cd1729cfda6423e540aae3f043a1296b6eb9350d38e07abed7d1ea7249b1b67d17322050d01589c9787f4e5a904c5cfb25e047f3e46de5222121c2af122bd3a3b2b0f35ea0a81d3a862d77217e992cc74f678617223cad5ba21afdc58e6af17e7b4ee3a506f34069d2931ac62d47f86f1983d7204a32544ae0b738cd5ab3efb940ad752ebbb59cd28d98cd6e0441f020ab2d68cbe90fa44be7f7191c2f5748c418dde668ee87d579baed4358b5c47e03a89ddb98fd4209fda85a277460ca20cc6de67c0f35e39d3fcfc070530140f648b50dbd3236d8e5b5e63be12191cd67b9ef128440d8794dc452b5a16f250c9e378d52b1132efc4b1ec8a7a3fd04ef82154de056ee5054fb15dff8df06bdca1dc8b1c1d4175c967445105954d10f0fc94acf39b68105d188593584333312eb6fad6371cdbbbf16e88bed86600d9dac851661dd3cc64f9bac0b2b81ad2564274b5bcc040f065f3fc055f7e254f8954304140782b9a2390bb61fd82d7a99ddf96468f3ef43113b767552969d71190265b76c1358c4e16a21ff959631a19c6f5a686b7884d75aca2810decbfd9fe0520f3b322a80838a2e633e1c2a79df01786f605750b84e2b04b7204ca6022973fca4ab0c8c67caee2349a6b839aa6bebc862f2f8246fc293e0f14a375581036becf081e4fd6b0cc2f7465fe7f932890884794215838558c0ae6de81efd624c5290bdf52e95e4d5b1eaf280d76eb0ceddf438bcf1d4b83e8eec3aaacbd7ea0421ac84f08a480ae48edb7c23c3f94dc59a44b3c5712800789fa3b2b938bed137505d2b247a4c4a9bd5ceddb900cb9a502d10dbd620a7ef84fbf49081d52419e5d08ddd5a1873f6d3ea6a822400ffdad29899bfaf73ce3d8ff182b3ca8ef1c39fc34b93767b9a13401427c440edd2e5f801655e60dc4c5b4ba84e504421b758e0b4c743fd1a1b6be27702e751960b431f1d7a7fd68a9ab198a5c6dbbee137283e6d6c69eedba5345e551e4421f3dfc1c957bbf413c48f64871521789487707278c69eb71c33a6999d7e497dc3d7d022f008addc112c116637f6d29c9247de134eb860cd3e5af369ee474883e7a20c40ba02160ec19dcb717cd3f4f3f0293195242fa814042ad751c774728a797a8c483e0562a2cca698053c1b66c0310affdb6e5767ab6db583ac415119f1760bed5f405c5cfb63b2ccfd5dc9d119fc82a86f98551d92f02410fdddd450f0a661ce041fa39aaba50cda470d3080dec7345a54abe2a7630a7fac84bf95c30a0dff1225f7b1aebb41daec68ceff2b0f502e7433f395aeea75c1ba88229b44fa5c6fa2647e44db139eca1f2b7142b6c23d4879603bb5617e94de0d5353d1b17dfb960eb1c11c67d0d1e1cae94699cc9397b79150dacbbc7361261d5445f237210d2ab8120fe721072394b77df46894595b8fd56f034318e90e3cad94f1655911b9bcc0bd15c628c0248e134295f3ff69cf8ea536b4b7a6c11b4e04955f9f1d9bac2ad39d81ec929b0d29999ae5a865bcc2cffc8fb42af6e486ca12a4c83461c6a72b3c88e4f3d1a9c1f13adc6defbf0110746e39b1d01a5129f996a2af48bc52f06a32764d8d8dd984c5dc4e8bca0ffbbc7e4cd226cc278b35ed16bed6e8aca4a1c18120eef0966dd5327f252462477d43cbd1497654ddd3358d24883d9ddde40f1bc8c5610370841b1cb13e84162cc6d0818987350c22362b12c0f315dbc5dbc33c224bf8d57410f2621b9c45d6857b0bed5aae750db0dd4c6cf50bfd6d5e0c816a9d8951402a1c50ad8169fd94427b42c58399c6d72b1f213e009af4f650e5ef67d2f48c7dc3ef74a8ee453ab84118f2f0e4ff2b8130169ccac37198b337205cae506e8d70acba86aab28caa8117b1231d9c4b631fa3aeceb3c236182e25299392f1ed986106071097314a9b9bd0f30d853e8b4044c00f04b45b2923b572a6a41cb5293cc8dfdbeff56a1375a33bac7b220056a6f6a292035b17a3c3fd55897548c68ad7886ef432cef353da3da8deaea09df078569c042258dfc0763d54be89302b11a6d24f4086028b82520fb6d967b78b611a7e9661a92b1a8f12d407d2289e85a82bd0b7c742055acd2396ba8d101e91ce2e9f387e909fe6da3109e1937b1e12515f23c8f1b739d4c40a287cae3bf59e901fff2ba0de0a36a304428e9febe42a01dea2eacae9416a72ddabb98d2e69c70ea9edfc57cd81fc4217ec353caf01a1a61b925102f866b4090b6447cfd8eeff2a3a49e30fe0a4fff77fe1a225dbdb2fac338526c7438631b69ead8781b86801f530b04b1544be2c22aff4ac89b0ce4353526905e59e18f7f01c221e42354a5269e0e28afa29f38bcab3923fe8d64fbf81433991b0bb9df6fc4c28ba175871d87bb5ce6cf5bf4572bb873c044f0aeb2981e34a005df55d354db0353f6433f76adde2c124793a1da43aca0e62a744992ed8efa8571a26857aa65a21cfc3507471ab75525cedb559c430b5d03a5c4e923f7fbec50d0eb10fc40b3d7986245f4c6888a53df7fe7fdcc11261e70d8cca04baff938f8446bd9048baba31085f20746c5f0e00d816dca934804ea2877cca51b5c0e31dfeefb9e91e41189d67412a09af16b4cb709e6fee71b2766a71c8397578516b656633bb620dfc8bc15de4ea5f75f6845ea44805442125adef9377e98b5d8e73f3a0bfbd330467daf10d9f7a95cd6fd4827fa1b062898fa454437bf185b9e0d98c9d10a5db80364bca446205739b23a1e7e860647ed30e2b72524da94a5f70dcbcd67d8df08f0d57583011d5487669c5a45905125186590322dbe481e820a6a6c29c136fa4301ade06baddca45f0d5ce913b5b763d293da4afaa450b17ff4933e4478fbba9ad9e6e5eafe9fdeb82b7d65bc92f6690d03a49923810558b5e0f5bf47e7d000a5e132217c174445565d57d29f02e71d7205b8ec10330fea51d972fc5c81b1b36775816082f979b5b1fe3601c9c8e8fa0c3504bfa30e3603d5a0f3a7cbd27d744b27cdbf318acbed70697519605453df106123e1a6148c9146154986e288d8a70b6fed1667cc1e0b199067c704a6d41ba751b53102ebca01b3ce90226847808646c95f3eb231b6af0b0f329bd997db5a4d3ff18edf0203e351fcfa8c8ae2be6953472bbb3f40bb6ab3f8f2128d11a3bba133f0204e2e0df189cc8d2cb8af81d0941a37c2165112ed452008930bcc607fa6fe3ad1def902d89c7330e6042f6f86c3a75665ec603b6e392b417a0d907d42e6534db72adbad4266c6601d7b8bf8d9cde807088f76b07c06840d0806eb89aa545292284bf050e732e547ed54417b3ec7e7a7c5e8454a56f5092ea8cb27e74e0672c2951647e29dadbdea86d2a4d9e53ab01c9d21e902fc9c6ff4c317b3c0398561364e880e2b079d79a27d6dcc3d586abc043477981bd36746f5570840536bef104a158e2461296717d247b6004565ffb8eb9bb5258c65032f0b472c4f3667a17e3ff65b45c91e2411b5990f054e0c2a05fc175d2db7fb32ca32e4c11b46f08bae1614e2add96133ab383c1e78f4e3f21ed3010a35c76ad88714b526d3a5ba799e6f7bf9d5696e7b42c8c264162a28831baaef180f40489ad681af6c0a674cc7b65e8b8ab704d15546f70ed1e67f7643bbc8d0b8482024b8f320b5bdccb1014f5e1a34c6c795428660f026d93dd5dcabf2330dc62894bfe48fde6b931ba55dc2a222a27a3906ba5b98476321b6d27217fd58ad93b616aac91b139729d91de6f8ef49402e2741b8dd821f4cbaf7c4662ac782b255dc438164e54c417044e9bf5e13a8247777726dacea4341d8ba03bad17070dd0f07da13179d29ac00aefa41aaf4688e99eb395205f6d6d71999b3718f7f2d618117334977a92b15ed52e45e7d5df7a22be9cf0e008c41257d99b2426068c48de100b8e3019b624ce2f2849c35b74fe5ecc4478b2968a97cfcb759fc73c8cd21bda084646dadee926a4f606768749a89e11be2a23985631c922a73ba93f3619dcc4621c8da57697420859210aa43ec06feb649b9f1362fe9553f9d552b77203085d9a4da629f03fbf339bd8ccae6c411f6d8f131232575d28af2a2690529080f02a5a74fe59d1255039f09b8d565a4838930f88d6129389f2312a2ebcf0fe7d8b6dea3484cea9a1628349218b8ccefdea2b6c37676acc2a082fb73b19705e98079c1de7776cb830e79c0081a2da4059714f19587d10223fc50ea8434f1c7919a77acd7c5b20ac9fe8ad9d348e2c5bdb57fac1ec0c31a1688e22aab4f1a81826f3a47bd364505d35975c105a152aa8e42b2422a100ad3d3184d286884552143051b79294aba34bfc5cc332f0b6aa3bf186776ceb8861336ed97b85b9a7d548bf7b7a907256c7c6a2427d92aff68ba18544b95a75564029387fd2569943f8d54e64cc621123105eb56bcfaea06e38af31a05ef38302d2b6178121d52309865c5ec1147159c07b4d4e1ece24f6a1f63a492c617870c96dcabf43b73055d749e465cdbb965b18091eee65bd423f249d934ae904c2129b93d116353fe014e1afbcab5f74766a806451855bc28494653b9a863b9707c2a0fce3eb4b55c4220078651a94d3b9c6e92f4995dd56ec17d144b07bfb1b955b557d14774e64f400e0075781381b33d73a60f6b96cddbda0962b2a609e6bca56a109847bc13798be711d3779d5a8c6541bd247fe3b7477a1378cdafece044db3f31810bc95f8fb4ae7a8815303faac03651a13924308c06c8e86506b7d186a717a1bda1d7cdea2b8b682d37f954f488a8e0d65f868a81b1af4b8f7331ba84414a7ada82e81e06e76ddfa0aca0ca9a53a5de0bcdcbb77284bab522ffb6f803e95f116ac1670c50acd36d80f170e8e7e05163f050dc89dd93bf9160a545174472376e1fcbb945e9294f796a09ca78452683b8bd39049d118acc24ef0dc18ef88899dd7c27a3585e914e6f6bc8bb1950c061c722134243cf151785bc19dada45b90d97cb83bc60885a908d0c13be9e54f1929fe1f76fb9886808caf0442aca4539a42078bfee82418d611f4c432fcbc5242c35a396c17c1b93b98b277a9c8ef0143643e120c0de4b7c6beb0a582789b81a9d3a0b8f96a332c89764283d84ec5e6b8350683a2b4eebcb214a7ad430ff9ebcfc1d850717a8d38b8e35e67fea4b8f14938cc3eeacbee30616c09e848ebae3cefb8f2a904f2b3d1252019ec914278942d9b914f95574031cf21f412aa7500f3955db7b9ef9403750058d75e53d16803d4463f7884df1e361d34ce646e20b3427a45cd307283f1ff00cca6c841fb9b06543bf1a254b21ff421331facb2f08a484904ea25e049597c8b0a2140e8ed2906d574e73165ec5591c89b5dc08e5943ff7399f76b1df90947a9479b1aab40abf8ebadfa1455b6dcac672f495a64b6230fd3fe948ce6c16cb87e11ac7affc9047ef33fa64585c1dce3bab4fecc0c7d81b5ea73aed3ef63fafc880b6e2ba09d0df6d626e817075d5f330d91cec4bcf4829c20192bc0ef7f728f52dd3e074bafda4f8cd8465311a9124baad61bd73ca76a0d0d1b80cb7a5e429067ed4707b64d38613008c8af3ffcedfeb8cda26def8bef7cf947af23939d18adbf56715f90c2df716eb037d536cd36bc2b832c57f4a319f392e1ab37e02dfb392bd52b02801665c8ea28edfcb153f267dcfbd671d4eaa0d56335f7ce5eccda6b9f74621a1b322f1f3a60b00196a65327b36419394e776b2e1c1479f5f902c5918adfa5b112bfaf786eeea1abae7c8c9d3e3fe737c23092143376808b5e26cf896fb5202572533facacaac10ec26cab819f74cd372c95d50a9b6560da69c1b22d5c15759b7ab1d8118e672bea9af7e8a30458ccaa1586ed2720d5465e139fe3dfc0bc95107061471cdf28a42aa8149848a147a1710407021d13e611b36ad3624de35c4dc5a02ba8ae724b2d8cd85f15094e1893c98052cee135d0c1c11a73297775fb517abbb471a8b100cb51d8815acac16703b56f8aadae334601a84fc306efa08aeb2afbad94632b5f209603cf5e5ca634bd74ed2e525580ddd2f2ee65241788f5e867b44d7ecd71f5858d269ffda98d93860d8f1c26c47df1199f95991b54808bc26c0ab67b40745b8dfed41838e2c5594413d2c6022abe3c1f132e9f7c8c69e50729325d37e7502519d53d7e1bf0bc8f62d216fc9c88b197cfa1571ce8368cc1b4b625559cab7e8397c6c7bf537bc8b9d604f4bdb04cab86d349e4a33f92eaa07378eac07ed8d51aea9c15ef4c4b0e0a16f9c794701a1b74b58beb15cc165a4dc1a13a0886f55cba2b977447b61c01e1295a4221e19321201f1df0d25c9e14bc4433678e48a5081de7c81f79a6370843bf0d6e3e5192c1ddc0bad14a11ada8006e4f6549da3a877a991351610eb0c5bb6228d266baa27eab2b9bf4455fc54aed3c74c12590835e498c11efdc63dde52a62d8f3a3c978152018182b3e4cbd00fff317d06f8e9475b4c7506dcc5547d8ace2b71024aa0e2220936d2bd05163b8f15bc429378fec52ac39d167200758884056dc14d3329b1d47f477a217eabb651fa97e05451cd6e861996648ab439c9aa6fa032e9083b8c0f87890c88c50dd5a6e6be8c4a4361f3b4c3181c570407dd1d2d835a87dd4b24f55a649c3e478bc002f30894d06411dc4dd8277f796976b8b2884ed371013225bbd95955827741331777da30b1b3370fb4d0bb914d97660f7e06759ba54b5697a4f7cfb67035867f39e53306eb55b31ba660769ce6993b2f44a7173576766ed20992d04e6b4aff20c138102537a142ceeac3804fb0a4eaddeddb6bcc69007c5531f0ba6851854d8d836a51e8d644c7b79e071f19986090d2404b562a17e1ec1da775c171373bcf5d2c3d7dd64a587d66e42b6963d892df898766648f37c8d10ca249e28368c388f4e70a80b2992a0a390a2d51a17a0c1774fec2d399a2b0a99c802012fff6300c4275d1305b9a9d0f8144df64da9016f16369e813dafc7cff55c5a60602141fcaa62d9fc0b93df6524d8692be3c7ded5354b63014686e98ef2b5947eda93e0cd232d3fdea943d3bc92a6f2835c55aca33dcd087b7260bc68def6ce96ef5d536b61006a595219382d8b8365eb92eab44e677109971bc4dfd077a56ff1f27e9b80edffb5ecac7bde5dc2a74c30a24b9cd1b0d4356ec424350e364d0dc929d657a8626a22111d4a0f360fe33be72a1f2c4f5c1b9843145ddff70d583a9b433cab33b10d93531aab7bb8a53c738aae79222481b135eca9441f47068299deabdc9c4f77e5d4ea286e8300eb5956368d0499691dbab1499baef30bb6c4a9bb0159635dc1774203fda828bf804e8f526ffb55abd8700915232964b7f219a7bb221efa6428089263ab753eb421a1952bc780289a85ebb9b510dec67a826ccce1cdfbb29a3a55f4e1068ca2c077544efac686d77c67c927430c3ac78c7c8b1f834be9a689fdab38f1401797dba32a284f5c5f9ed13d34d8a001cfeeeb7de12aaeae7706004f96a293e52106fd945428e7e98915070b1584a323bd8f00b9803ce189c9c0af032752d979df57a5098458c7de034db79f43d27bcb720078b05e5f364f2d789343fb6fc8b2cab810b1745fa36aaccf5d27fc7f06ab821268d83e697870632814319533373f24584b35b2ba9dd9b52a4a2e559c90b1b87549530a64fdbba5587242535fd0d600fa6e8497369a5587627182c62da4a47bc6ea99f7aaa765e3b74b7d9c48e779c8b13a2535d03ef8ac4bf3fc9e6eda5628034e7e453fbd6153b8b8e9f693c5dfa37f6a0a2542e6f86ebd2ae926822d7b31963c8879557dfa2a869ba3c5dc2dfcb60bc0a0c9816c2c4c58bdc09c2d76a007e68c38fd8b88709e5c49341630e333e13413c3e60c0d768d4c98bcb297e819ceb0f8b229d3037ac95639344bf42ee7f77922a6ac039837356dfd7c0ba3c5393548369bd71b4824326eaeb80a9c249504a08bfc164af220047cdf054d928a8d929a2fb621665122062dbd5cdde82b8289e0d510246e0bc30d34d8e96703f75c75328f99437be474315d8cb55066badbc0ee852c8ef28e1de7f5b58dda97742db5f708c6be3279d700ba147f1519485020336c260d825920870739fdb288f22b980fb7bcbf147b1a95fcc3d8d1899749d928eea8d47cccc1fbbdd5729a3f2f73d2ae352eb3e043405bcb7fa12b2a80d6a3f0178a18cbc5794fd65f0caddaff57616dfed94884a48b27b181c55200d9ecdfbb082dcd2952089938e134eecb40c2f95cb7808fc7da09282787edb1939e75bc8e284c01239a895246be025c8e0168ae83f5adc62f4f81ddbf6ba9b5fce3ddd111eb61c42777a8c303abe291aa9ef383ef1d6c26c4f8698375cc76a7e078ac948f2e84de084fdb380d38d2e1810ce8118999554c06f8d583bd37003b407dd7b41a3b14f10a5ae7c2e8fdd087cc322ddc399fe38cc542bc957b38b0fda34a3ee5c6a97d25629d26a75de211fe1cc4ca63880caa8f85f3bd489c39cf30eac81784e4456a775dee3045df2a1875623a4fbf227cf90cd237721a6dff29d26a16306e4033cc644e35cba3cc4e45cfd0cefc9c8d8a0f35bf31a8319b54fb549554c7089b9334a9867d51d71aae1f342d5602ef2d394e6c8a8aa6c15121d8c8b3abe3416367dcc276c048c65311ad70df0ecf0cf817a1a27e1dc50fedea83de8a8bb7746e23be2f335c9cda9a7f08d72b9debc35d49e9ec4c9815040c38c11375dd7f2897b20479343b86b51c317e0e90f9465d8c425857e1831931714284c60f68036134304558e53d2d42813a42a3017ab21feab6132f3a2f8c5670a1076dab6136cd6836b52d7ee54639758085438831dcd8157ccae47784a35364babff9299e4eaa389931199b4901f12185a0d228473d4a147d88e55bd11f8ed2957b7f2f3efb3e444f0aec9bef1f68cffbdac04698cc277706f2ffdd263586b84c645f1721ee3008b398918fdfb9b06b98078447c0edd7c058524825a1124e9af37fa9cb77302aded60eca394c866397c3bc18f8277d9277921abd06b61b1445f43cd7f0b5b2c023832f6d67f86d9b6ff9985edee1ec2572486b43d3be834d5b60d208b1187ca7cc8b17133f55314ee640268d5337d7dcdf1742cb543d63ae3c09e312ac05b5d585d9437bf16bd560ef739f12c878178757e1f675a8671becae2bf03f87de4bc40b4b7a3aa6e2f28f015332b10b9fe426ebd45d7a26e769bb05eb2866bb34c56b079a5bd23352bcb08c379b400512b0d8438ee5371171ccbf2921c1e150fffb5885286f933f4393088ba21c47b15d1a35de27dbd02e58859aa080f87d0a857e92d0f52c549c04cd9368c94a8024e184773cb3431d854c2855e93ac9f24d5e45d11c2acfb03755e7f279b368e2e31b3653a7d7e2e102ac67f363c195272e2896bec544f669f2d25ae8638ac30da6ed52404b32b8ee9f0f2909ef6b4e2db3a6ea88b8a6f2f2c025959efb7b94005eb307aae01af8a19ee6178270be09d93837793b43bcdab98b9c04b6bfea7ac2217c11aeec277bc199b67ac24b7352299e7fec85aa151029d14441b56bb6031cdc72a1a90ef537c6d2bce7ffc7c366a88f8bc87cd8ef4e91b5ad9d85ed84f9b85f029252ad5ff13d564d842ef310feaba90974e40889e7cb753eb44ef96bc4c25b021fe50e9957a9c3cc9904aa920fc8a8e82a826b945559b57591fa1a26c380afe65d930f9bd9a3d93f57324d28c2741e728cbd106dccdf66863e49db8a0df1398ba8594fa5102b8157e4b987f4339820df5a7aa2b1c47ed0211437ee3d81dcbffa500dc4b743d49028581234c7e9db2e951d5bf3e3c448ce58bf94a2f7ef95eda07daae00bef1794d27330927b2460778fdee580efe431ee244aae452cd60100b6c9f0cd5e79e170a7b149abfcc26b77d33c35311c95e3ba0752eabce3d1310a8aa45ecd1659e4e855919d153ebeb434581a6d352508771b030acd3fee51badf6767a7931bbba2cf195bd98fd096a6be14d7172cf1dbe3a82bae73a29223c623c090cbc5fffe8f3291", 0x2000, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_ipv6_tunnel_SIOCGETPRL(r0, 0x8929, &(0x7f0000000480)={'sit0\x00', 0x0})

608.339021ms ago: executing program 0 (id=1529):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)=ANY=[@ANYBLOB="50000000100003040000000000000000f2000000", @ANYRES32=0x0, @ANYBLOB="00000000000000002800128009000100766c616e"], 0x50}, 0x1, 0xba01}, 0x0)

608.032147ms ago: executing program 3 (id=1530):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000300)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7fff0000}]})
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000340)='./file2\x00', 0x0, &(0x7f0000000240)=ANY=[], 0x1, 0x11f3, &(0x7f0000003f80)="$eJzs3E+LW1UYB+C3cWrHqfNHrdV2oQfduLo0s3AlSJApyASU2gitINw6NxpyTUJuGIiI1ZVbP4e4dCeIX2A2fgZ3s3HZhXiFpLVNTdUuOpH6PJv7kvf8cu8hEDjhnBy/8c2n/W6VdfNJNE6disYoIt1KkaIRd7y0P79eu77farf3rqR0uXW1+XpKaevlHz/4/LtXfpqcff/7rR/OxNHOh8e/7v5ydP7owvHvVz/pValXpcFwkvJ0Yzic5DfKIh30qn6W0rtlkVdF6g2qYrzQ75bD0Wia8sHB5sZoXFRVygfT1C+maTJMk/E05R/nvUHKsixtbgQPdPqfh3S+vVXXdURdn44no67r+qnYiLPxdGzGVnwZEc/Es/FcnIvn43y8EC/Ghdmok3h8AAAAAAAAAAAAAAAAAAAA+P/4u/P/27Hj/D8AAAAAAAAAAAAAAAAAAACcgPeuXd9vtdt7V1Jajyi/PuwcdubXeb/VjV6UUcSl2I7fYnb6f25eX367vXcpzezEV+XN2/mbh50nFvPN2d8J3M6vzXp38s15Pi3mz8TGvfnd2I5zy++/uzS/Hq+9ek8+i+34+aMYRhkHs3vfzX/RTOmtd9r35S/OxgEAAMDjIEt/Wrp+z7IH9ef5h/h94L719VpcXFvt3Imopp/187IsxovF+l9eUfz7ovGI3rkR/5EJKh7/YtXfTJyEux/6qp8EAAAAAAAAAACAh/GIdxGuxZKdZW+uZqoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB/sAPHAgAAAADC/K3T6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgqAAD//99CzUo=")
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0)
faccessat(r0, &(0x7f0000000000)='./file0\x00', 0x5)

513.776531ms ago: executing program 0 (id=1531):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000002000)=0x1395, 0x4)

460.545886ms ago: executing program 0 (id=1532):
setresuid(0x0, 0xee01, 0xee00)
setreuid(0xffffffffffffffff, 0xee00)

403.624426ms ago: executing program 3 (id=1533):
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x13, 0xf0, 0x8}, 0x50)
socket$netlink(0x10, 0x3, 0x0)
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
socket$inet6(0xa, 0x1, 0x0)
bpf$MAP_CREATE(0x1900000000000000, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0xffffffff, 0x0, 0x0, 0x41100, 0x54, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x3000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x402000, 0x0)
bind$rose(r0, &(0x7f0000000540)=@short={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x1, @bcast}, 0x1c)

403.355086ms ago: executing program 0 (id=1534):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='virtio_transport_alloc_pkt\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x16, 0x0, 0x4, 0xff}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0xff48, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r2}, 0x18)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r3, &(0x7f0000000440), 0x10)
listen(r3, 0x0)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r4, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)

297.15005ms ago: executing program 0 (id=1535):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newqdisc={0x8c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x5c, 0x2, {{}, [@TCA_NETEM_RATE={0x14, 0xe}, @TCA_NETEM_SLOT={0x2c}]}}}]}, 0x8c}}, 0x0)

111.791725ms ago: executing program 0 (id=1536):
syz_mount_image$cramfs(&(0x7f0000000040), &(0x7f0000000000)='./file1\x00', 0x2200082, &(0x7f0000000140)=ANY=[], 0xfe, 0x15b, &(0x7f0000000280)="$eJzs0TtrWmEcx/Hvc87jBarYUgtS2ip0qK0UvNBupfWUSoXaAy1dOgn2tA0ohghJRiVkyyBkdchlDXkLJjqEBF2SN5HFLZDRcI4nCbm8hP9nO7//Dc7z5cM4rbj2udmYX3BaLedP6oddKf087feLbh4Ewjfqs/69IvxH8wmYdMCNh1H4O1d3jFqz7n5PihACrAd+TiN2ec+Kazoacv58+iUMnnh9Bnczp0DAm3uqwYrNsizwbBNeMcV6NMvcfWeACUoF/WPPTVbLmeRjBcu9zO7O0ffRYfntm4/OWr7UfR1JmBlgC0uFD4b/Tkx/ajyqfLMr9riQz78vZHMG7469he0u+mtkEX4r0O4+A29fkMQL/QtWFKx7tyb7KgoMNs7tRujqX7eXzBSoZK9WTQS2q/GHBmZau5Up9/Aq3iMIIYQQQgghhBBCCCGEEEIIIYQQt1wEAAD//wVXUPY=")

0s ago: executing program 1 (id=1537):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000780)=ANY=[@ANYBLOB="0c030000160001002bbd7000fedbdf250a0101faffffff000000000000000000fe8800060000000000000000000001014e2300004e2400000a0080201d000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000aa000004d533000000ac1414100000000000000000000000000800000000000000b507000000000000000000000000000006000000000000000900000000000000faffffffffffffffffffffff000000000300000000000000020000000000000002000000000000000100000000000000faffffffffffffff0000000001000100f9ffffff2abd700000000000020002060100000000000000080000004f07000008001f0004000000c40003006465666c617465000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e0030000321333564941bd8413584a4c44374d31b8f5e4d1355de14a49707701f6856ff3544e1109e72765f583b84d4288bbcd0bd84ea340fc4f45636f516084e86baabda0fa429673acf5c6613af21f9f90878587479a0803e1676bb5e8fc177493a23d7948ab20d8fd37a714695af5d1aedbf7a389065fe0132556ebb3199f080016"], 0x30c}, 0x1, 0x0, 0x0, 0x10}, 0x400c8c0)

kernel console output (not intermixed with test programs):

7152] loop1: detected capacity change from 0 to 64
[  118.879118][ T7156] loop1: detected capacity change from 0 to 128
[  118.907730][ T7156] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  118.941510][ T7156] ext4 filesystem being mounted at /135/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  119.030558][ T7156] EXT4-fs error (device loop1): dx_make_map:1296: inode #2: block 20: comm syz.1.530: bad entry in directory: inode out of bounds - offset=988, inode=128, rec_len=36, size=1024 fake=1
[  119.044934][ T7156] EXT4-fs error (device loop1) in do_split:2029: Corrupt filesystem
[  119.090249][ T5940] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  119.638519][ T5315] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  119.642509][    T9] usb 34-1: device descriptor read/8, error -110
[  119.792346][ T5315] usb 3-1: Using ep0 maxpacket: 32
[  119.796856][ T5315] usb 3-1: config 4 has an invalid interface number: 128 but max is 0
[  119.800154][ T5315] usb 3-1: config 4 has no interface number 0
[  119.804410][ T5315] usb 3-1: config 4 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  119.808855][ T5315] usb 3-1: config 4 interface 128 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  119.814320][ T5315] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  119.822339][ T5315] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  119.831696][ T5315] hub 3-1:4.128: USB hub found
[  120.067680][    T9] usb usb34-port1: attempt power cycle
[  120.090243][ T5315] hub 3-1:4.128: 2 ports detected
[  120.092038][ T5315] hub 3-1:4.128: Using single TT (err -22)
[  120.408447][ T5315] hub 3-1:4.128: hub_hub_status failed (err = -71)
[  120.411929][ T5315] hub 3-1:4.128: config failed, can't get hub status (err -71)
[  120.441507][ T7203] loop1: detected capacity change from 0 to 128
[  120.448857][ T5315] usb 3-1: USB disconnect, device number 7
[  120.467267][ T7203] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  120.483622][ T7203] ext4 filesystem being mounted at /139/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  120.498857][ T7203] EXT4-fs warning (device loop1): verify_group_input:137: Cannot add at group 3 (only 1 groups)
[  120.525690][ T5940] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  120.560092][ T7207] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  120.713664][    T9] usb usb34-port1: unable to enumerate USB device
[  121.288892][ T7227] loop2: detected capacity change from 0 to 16
[  121.302353][ T7227] MTD: Attempt to mount non-MTD device "/dev/loop2"
[  121.305406][ T7227] cramfs: root is not a directory
[  121.420300][ T7231] loop2: detected capacity change from 0 to 256
[  121.428418][ T7222] loop0: detected capacity change from 0 to 32768
[  121.434005][ T7222] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.558 (7222)
[  121.441674][ T7231] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  121.446965][ T7222] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  121.495690][ T7222] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  121.565385][ T7222] BTRFS info (device loop0): enabling ssd optimizations
[  121.567801][ T7222] BTRFS info (device loop0): enabling free space tree
[  121.743840][   T33] audit: type=1326 audit(1758711021.016:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7254 comm="syz.1.566" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fbbe058ec29 code=0x0
[  121.753150][ T5947] BTRFS info (device loop0): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  122.902804][ T7279] netlink: 4 bytes leftover after parsing attributes in process `syz.0.575'.
[  123.037113][ T5969] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  123.139707][ T5969] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  123.268703][ T5969] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  123.396533][ T5969] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  123.571297][ T5941] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  123.580047][ T5941] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  123.585589][ T5941] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  123.594847][ T5941] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  123.598513][ T5941] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  123.671855][ T5969] bridge_slave_1: left allmulticast mode
[  123.681905][ T5969] bridge_slave_1: left promiscuous mode
[  123.686751][ T5969] bridge0: port 2(bridge_slave_1) entered disabled state
[  123.702069][ T5969] bridge_slave_0: left allmulticast mode
[  123.725544][ T5969] bridge_slave_0: left promiscuous mode
[  123.728855][ T5969] bridge0: port 1(bridge_slave_0) entered disabled state
[  123.946061][ T7302] loop0: detected capacity change from 0 to 4096
[  123.988914][ T7302] Cannot load nls none
[  124.267525][ T5969] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  124.275362][ T5969] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  124.281612][ T5969] bond0 (unregistering): (slave macvlan0): Releasing backup interface
[  124.288331][ T5969] veth1_vlan: left allmulticast mode
[  124.291867][ T5969] bond0 (unregistering): Released all slaves
[  124.848994][ T7307] loop0: detected capacity change from 0 to 131072
[  124.856913][ T7307] F2FS-fs (loop0): Invalid log sectorsize (67108873)
[  124.859831][ T7307] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  124.867948][ T7307] F2FS-fs (loop0): invalid crc value
[  124.936832][ T7307] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  124.946386][ T7290] chnl_net:caif_netlink_parms(): no params data found
[  124.948885][ T7307] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  124.953483][ T7307] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  125.094226][ T7309] loop1: detected capacity change from 0 to 40427
[  125.111275][ T7309] F2FS-fs: heap/no_heap options were deprecated
[  125.134303][ T5969] hsr_slave_0: left promiscuous mode
[  125.137887][ T7309] F2FS-fs (loop1): build fault injection rate: 14
[  125.140475][ T7309] F2FS-fs (loop1): build fault injection type: 0x3bfe8b
[  125.151725][ T5969] hsr_slave_1: left promiscuous mode
[  125.160811][ T5969] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  125.161175][ T7309] F2FS-fs (loop1): invalid crc value
[  125.169820][ T7309] F2FS-fs (loop1): inject kvmalloc in f2fs_kvmalloc of f2fs_fill_super+0x4429/0x6ff0
[  125.172783][ T5969] batman_adv: batadv0: Removing interface: batadv_slave_0
[  125.174904][ T7309] F2FS-fs (loop1): Failed to initialize F2FS segment manager (-12)
[  125.191137][ T5969] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  125.202306][ T5969] batman_adv: batadv0: Removing interface: batadv_slave_1
[  125.238262][ T5969] veth1_macvtap: left promiscuous mode
[  125.240935][ T5969] veth0_macvtap: left promiscuous mode
[  125.250279][ T5969] veth1_vlan: left promiscuous mode
[  125.253039][ T5969] veth0_vlan: left promiscuous mode
[  125.687248][ T5238] Bluetooth: hci1: command tx timeout
[  126.047781][ T5969] team0 (unregistering): Port device team_slave_1 removed
[  126.171011][ T5969] team0 (unregistering): Port device team_slave_0 removed
[  126.194017][ T7343] loop1: detected capacity change from 0 to 512
[  126.228782][ T7343] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  126.244484][ T7343] ext4 filesystem being mounted at /154/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  126.314983][ T5940] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.058366][ T7290] bridge0: port 1(bridge_slave_0) entered blocking state
[  127.061313][ T7290] bridge0: port 1(bridge_slave_0) entered disabled state
[  127.078163][ T7290] bridge_slave_0: entered allmulticast mode
[  127.093318][ T7290] bridge_slave_0: entered promiscuous mode
[  127.116297][ T7290] bridge0: port 2(bridge_slave_1) entered blocking state
[  127.119371][ T7290] bridge0: port 2(bridge_slave_1) entered disabled state
[  127.125173][ T7290] bridge_slave_1: entered allmulticast mode
[  127.130500][ T7290] bridge_slave_1: entered promiscuous mode
[  127.243089][ T7290] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  127.266769][ T7290] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  127.395917][ T7290] team0: Port device team_slave_0 added
[  127.409766][ T7290] team0: Port device team_slave_1 added
[  127.537465][ T7290] batman_adv: batadv0: Adding interface: batadv_slave_0
[  127.543993][ T7290] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  127.558533][ T7290] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  127.566103][ T7290] batman_adv: batadv0: Adding interface: batadv_slave_1
[  127.569220][ T7290] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  127.591699][ T7290] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  127.714512][ T7290] hsr_slave_0: entered promiscuous mode
[  127.719138][ T7290] hsr_slave_1: entered promiscuous mode
[  127.723940][ T7290] debugfs: 'hsr0' already exists in 'hsr'
[  127.727000][ T7290] Cannot create hsr debugfs directory
[  127.752581][ T5238] Bluetooth: hci1: command tx timeout
[  127.962274][ T6004] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  128.111706][ T7379] loop0: detected capacity change from 0 to 32768
[  128.120858][ T7379] XFS: ikeep mount option is deprecated.
[  128.124474][ T6004] usb 2-1: Using ep0 maxpacket: 8
[  128.127729][ T7379] XFS: attr2 mount option is deprecated.
[  128.130134][ T7379] XFS: noikeep mount option is deprecated.
[  128.138546][ T6004] usb 2-1: New USB device found, idVendor=0458, idProduct=7003, bcdDevice=7a.1a
[  128.142069][ T6004] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  128.148490][ T6004] usb 2-1: Product: syz
[  128.150282][ T6004] usb 2-1: Manufacturer: syz
[  128.155826][ T6004] usb 2-1: SerialNumber: syz
[  128.162923][ T6004] usb 2-1: config 0 descriptor??
[  128.189094][ T6004] gspca_main: sn9c2028-2.14.0 probing 0458:7003
[  128.194043][ T7379] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  128.215619][ T7379] XFS (loop0): Ending clean mount
[  128.225433][ T7379] XFS (loop0): Quotacheck needed: Please wait.
[  128.268237][ T7379] XFS (loop0): Quotacheck: Done.
[  128.290467][   T33] audit: type=1800 audit(1758711027.556:7): pid=7379 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.599" name="bus" dev="loop0" ino=4426 res=0 errno=0
[  128.350932][ T7290] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  128.357059][ T7290] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  128.367046][ T7290] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  128.374645][ T7290] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  128.436024][ T5947] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  128.548330][ T7290] 8021q: adding VLAN 0 to HW filter on device bond0
[  128.583542][ T6004] gspca_sn9c2028: read1 error -71
[  128.589179][ T7290] 8021q: adding VLAN 0 to HW filter on device team0
[  128.592412][ T6004] gspca_sn9c2028: read1 error -71
[  128.602476][ T6004] sn9c2028 2-1:0.0: probe with driver sn9c2028 failed with error -71
[  128.622298][ T6004] usb 2-1: USB disconnect, device number 8
[  128.640677][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  128.643843][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  128.707309][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[  128.710420][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[  129.169901][ T7290] 8021q: adding VLAN 0 to HW filter on device batadv0
[  129.454044][ T7290] veth0_vlan: entered promiscuous mode
[  129.513729][ T7290] veth1_vlan: entered promiscuous mode
[  129.832793][ T5238] Bluetooth: hci1: command tx timeout
[  129.834315][ T7290] veth0_macvtap: entered promiscuous mode
[  129.866655][ T7290] veth1_macvtap: entered promiscuous mode
[  129.930729][ T7290] batman_adv: batadv0: Interface activated: batadv_slave_0
[  129.982003][ T7290] batman_adv: batadv0: Interface activated: batadv_slave_1
[  130.039233][ T5969] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  130.044870][ T5969] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  130.051105][ T5969] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  130.057450][ T5969] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  130.349714][ T1088] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  130.362576][ T1088] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  130.434552][ T1089] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  130.437757][ T1089] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  131.726758][ T7466] loop0: detected capacity change from 0 to 128
[  131.922459][ T5238] Bluetooth: hci1: command tx timeout
[  131.978953][ T7471] program syz.2.618 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  132.637483][ T1365] ieee802154 phy0 wpan0: encryption failed: -22
[  132.641479][ T1365] ieee802154 phy1 wpan1: encryption failed: -22
[  133.584272][ T7484] netlink: 8 bytes leftover after parsing attributes in process `syz.1.623'.
[  134.432431][   T24] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  134.592379][   T24] usb 3-1: Using ep0 maxpacket: 8
[  134.599413][   T24] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  134.602874][   T24] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  134.607034][   T24] usb 3-1: config 0 has no interface number 0
[  134.609771][   T24] usb 3-1: New USB device found, idVendor=1395, idProduct=0300, bcdDevice=81.75
[  134.613385][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.623264][   T24] usb 3-1: config 0 descriptor??
[  134.770252][ T7497] bridge_slave_0: left allmulticast mode
[  134.773893][ T7497] bridge_slave_0: left promiscuous mode
[  134.778266][ T7497] bridge0: port 1(bridge_slave_0) entered disabled state
[  134.794894][ T7497] bridge_slave_1: left allmulticast mode
[  134.797341][ T7497] bridge_slave_1: left promiscuous mode
[  134.800072][ T7497] bridge0: port 2(bridge_slave_1) entered disabled state
[  134.814175][ T7497] bond0: (slave bond_slave_0): Releasing backup interface
[  134.831248][ T7497] bond0: (slave bond_slave_1): Releasing backup interface
[  134.882630][   T24] usb 3-1: USB disconnect, device number 8
[  134.890496][ T7497] team0: Port device team_slave_0 removed
[  134.900923][ T7499] netlink: 'syz.0.628': attribute type 10 has an invalid length.
[  134.933697][ T7497] team0: Port device team_slave_1 removed
[  134.936860][ T7497] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  134.963280][ T7497] batman_adv: batadv0: Removing interface: batadv_slave_0
[  134.968470][ T7497] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  134.971407][ T7497] batman_adv: batadv0: Removing interface: batadv_slave_1
[  134.980546][ T7497] bond1: (slave batadv1): Releasing active interface
[  135.034009][ T7499] 8021q: adding VLAN 0 to HW filter on device bond0
[  135.040356][ T7499] team0: Port device bond0 added
[  135.063145][ T7495] loop1: detected capacity change from 0 to 32768
[  135.668237][ T7523] loop0: detected capacity change from 0 to 4096
[  135.678506][ T7523] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512).
[  135.970885][ T7551] (unnamed net_device) (uninitialized): option lacp_active: mode dependency failed, not supported in mode balance-rr(0)
[  136.041469][ T7557] netlink: 'syz.0.657': attribute type 27 has an invalid length.
[  136.192321][   T10] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  136.237153][ T7566] loop1: detected capacity change from 0 to 1024
[  136.240119][ T7566] EXT4-fs: Ignoring removed nomblk_io_submit option
[  136.256994][ T7566] EXT4-fs (loop1): mounted filesystem 00000000-0500-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  136.292613][ T5940] EXT4-fs (loop1): unmounting filesystem 00000000-0500-0000-0000-000000000000.
[  136.334773][ T5989] usb 1-1: new full-speed USB device number 5 using dummy_hcd
[  136.342907][   T10] usb 3-1: Using ep0 maxpacket: 32
[  136.352106][   T10] usb 3-1: config 0 has an invalid interface number: 35 but max is 0
[  136.362342][   T10] usb 3-1: config 0 has no interface number 0
[  136.367466][   T10] usb 3-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f
[  136.371219][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  136.380361][   T10] usb 3-1: Product: syz
[  136.382122][   T10] usb 3-1: Manufacturer: syz
[  136.384399][   T10] usb 3-1: SerialNumber: syz
[  136.389266][   T10] usb 3-1: config 0 descriptor??
[  136.556704][ T5989] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  136.571711][ T5989] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x61, changing to 0x1
[  136.586555][ T5989] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has an invalid bInterval 0, changing to 10
[  136.625941][ T5989] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 10
[  136.671022][ T5989] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 255, setting to 64
[  136.705130][ T5989] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  136.735384][   T10] radio-si470x 3-1:0.35: this is not a si470x device.
[  136.783606][ T5989] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  136.803771][ T5989] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  136.837589][ T5989] usb 1-1: Manufacturer: syz
[  136.846180][ T5989] usb 1-1: config 0 descriptor??
[  136.940100][   T10] radio-raremono 3-1:0.35: this is not Thanko's Raremono.
[  136.946926][   T10] usb 3-1: USB disconnect, device number 9
[  137.063566][   T24] usb 1-1: USB disconnect, device number 5
[  137.355923][ T7579] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  137.616219][ T7592] loop2: detected capacity change from 0 to 128
[  137.636123][ T7594] netlink: 'syz.1.671': attribute type 11 has an invalid length.
[  137.807246][ T7604] loop1: detected capacity change from 0 to 2048
[  137.860166][ T7604]  loop1: p2 p3 < > p4 < p5 >
[  137.861892][ T7604] loop1: partition table partially beyond EOD, truncated
[  137.880729][ T7604] loop1: p3 start 4284289 is beyond EOD, truncated
[  137.882400][   T10] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  137.931733][ T5943] udevd[5943]: inotify_add_watch(7, /dev/loop1p5, 10) failed: No such file or directory
[  137.934781][ T6554] udevd[6554]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[  137.941751][ T5939] udevd[5939]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[  138.048483][   T10] usb 3-1: Using ep0 maxpacket: 16
[  138.054968][   T10] usb 3-1: config 1 has an invalid descriptor of length 97, skipping remainder of the config
[  138.061337][   T10] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  138.074879][   T10] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  138.078704][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  138.081960][   T10] usb 3-1: Product: syz
[  138.092437][   T10] usb 3-1: Manufacturer: syz
[  138.094422][   T10] usb 3-1: SerialNumber: syz
[  138.138131][ T7616] block device autoloading is deprecated and will be removed.
[  138.250971][ T7618] loop0: detected capacity change from 0 to 256
[  138.265958][ T7618] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x2e76b09e, utbl_chksum : 0xe619d30d)
[  138.315314][   T10] usb 3-1: 0:2 : does not exist
[  138.322851][   T10] usb 3-1: 5:0: failed to get current value for ch 0 (-22)
[  138.351239][   T10] usb 3-1: USB disconnect, device number 10
[  138.395950][ T5939] udevd[5939]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  138.993676][ T7620] debugfs: 'ttyS3' already exists in 'caif_serial'
[  139.140195][ T7630] loop0: detected capacity change from 0 to 256
[  139.155867][ T7630] exfat: Deprecated parameter 'utf8'
[  139.157958][ T7630] exfat: Deprecated parameter 'utf8'
[  139.182833][ T7630] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  139.224790][ T7624] overlayfs: failed lookup in lower (newroot/199, name='file0', err=-40): overlapping layers
[  139.322381][    T9] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  139.351771][ T7644] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[  139.354470][ T7644] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  139.379493][ T7644] vhci_hcd vhci_hcd.0: Device attached
[  139.404280][ T7644] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  139.406411][ T7644] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  139.417059][ T7644] vhci_hcd vhci_hcd.0: Device attached
[  139.421484][ T7650] vhci_hcd: connection closed
[  139.423944][ T5745] vhci_hcd: stop threads
[  139.427006][ T7646] usbip_core: unknown command
[  139.432423][ T5745] vhci_hcd: release socket
[  139.435826][ T5745] vhci_hcd: disconnect device
[  139.437215][ T7646] vhci_hcd: unknown pdu 4006317609
[  139.445107][ T7646] usbip_core: unknown command
[  139.448185][ T5745] vhci_hcd: stop threads
[  139.449923][ T5745] vhci_hcd: release socket
[  139.451466][ T5745] vhci_hcd: disconnect device
[  139.474334][    T9] usb 3-1: Using ep0 maxpacket: 32
[  139.478316][    T9] usb 3-1: config 0 interface 0 altsetting 252 endpoint 0x81 has invalid wMaxPacketSize 0
[  139.481714][    T9] usb 3-1: config 0 interface 0 altsetting 252 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  139.492408][    T9] usb 3-1: config 0 interface 0 has no altsetting 0
[  139.496873][    T9] usb 3-1: New USB device found, idVendor=05ac, idProduct=0324, bcdDevice= 0.00
[  139.500162][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  139.504668][    T9] usb 3-1: config 0 descriptor??
[  139.922486][    T9] magicmouse 0003:05AC:0324.0001: unknown main item tag 0x0
[  139.925555][    T9] magicmouse 0003:05AC:0324.0001: unknown main item tag 0x0
[  139.928328][    T9] magicmouse 0003:05AC:0324.0001: unknown main item tag 0x0
[  139.930802][    T9] magicmouse 0003:05AC:0324.0001: unknown main item tag 0x0
[  139.933699][    T9] magicmouse 0003:05AC:0324.0001: unknown main item tag 0x0
[  139.944665][    T9] magicmouse 0003:05AC:0324.0001: hidraw0: USB HID v80.00 Device [HID 05ac:0324] on usb-dummy_hcd.2-1/input0
[  139.950762][    T9] magicmouse 0003:05AC:0324.0001: magicmouse input not registered
[  139.957861][    T9] magicmouse 0003:05AC:0324.0001: probe with driver magicmouse failed with error -12
[  140.018917][ T7656] binder: 7655:7656 unknown command 0
[  140.021377][ T7656] binder: 7655:7656 ioctl c0306201 200000000080 returned -22
[  140.120410][ T7627] loop2: detected capacity change from 0 to 8
[  140.127531][ T7627] unable to read inode lookup table
[  140.132716][    T9] usb 3-1: USB disconnect, device number 11
[  141.111390][ T7689] overlayfs: overlapping lowerdir path
[  141.137569][ T7689] overlayfs: failed to resolve './file1': -2
[  141.567176][ T7697] loop1: detected capacity change from 0 to 128
[  141.573297][ T7697] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  141.579118][ T7697] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  141.722696][   T24] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  141.872321][   T24] usb 1-1: Using ep0 maxpacket: 16
[  141.877998][   T24] usb 1-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  141.881463][   T24] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  141.885506][   T24] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  141.900391][   T24] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  141.903747][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  141.906460][   T24] usb 1-1: Product: syz
[  141.907894][   T24] usb 1-1: Manufacturer: syz
[  141.909631][   T24] usb 1-1: SerialNumber: syz
[  142.343523][   T24] usb 1-1: 0:2 : does not exist
[  142.967878][   T24] usb 1-1: 1:0: bogus dB values (-12637/-11528), disabling dB reporting
[  142.981618][   T24] usb 1-1: 1:0: failed to get current value for ch 0 (-22)
[  143.013486][   T24] usb 1-1: USB disconnect, device number 6
[  143.043508][ T5939] udevd[5939]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  143.238163][ T7703] loop1: detected capacity change from 0 to 65536
[  143.253324][ T7703] XFS (loop1): Mounting V5 Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[  143.264784][ T7703] XFS (loop1): Ending clean mount
[  143.294352][ T5940] XFS (loop1): Unmounting Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[  143.810672][ T7723] loop1: detected capacity change from 0 to 32768
[  143.861057][ T7723] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  143.876355][ T7729] netlink: 'syz.2.719': attribute type 1 has an invalid length.
[  143.882001][   T33] audit: type=1800 audit(1758711043.146:8): pid=7723 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.717" name="bus" dev="loop1" ino=17058 res=0 errno=0
[  143.893244][ T7729] netlink: 4 bytes leftover after parsing attributes in process `syz.2.719'.
[  143.899556][ T7725] loop0: detected capacity change from 0 to 32768
[  143.917618][ T7725] __jfs_setxattr: xattr_size = 2175, new_size = 14921
[  143.930094][ T5940] ocfs2: Unmounting device (7,1) on (node local)
[  144.119474][ T7737] tipc: Started in network mode
[  144.121225][ T7737] tipc: Node identity , cluster identity 4711
[  144.123982][ T7737] tipc: Failed to set node id, please configure manually
[  144.129135][ T7737] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  144.520158][ T7758] netlink: 8 bytes leftover after parsing attributes in process `syz.2.733'.
[  145.152321][ T5989] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  145.264954][ T7766] loop0: detected capacity change from 0 to 256
[  145.273144][ T7766] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x25fbf2c1, utbl_chksum : 0xe619d30d)
[  145.291767][ T7766] fuse: Bad value for 'fd'
[  145.305412][ T5989] usb 3-1: Using ep0 maxpacket: 32
[  145.319314][ T5989] usb 3-1: config 6 interface 0 has no altsetting 0
[  145.335144][ T5989] usb 3-1: New USB device found, idVendor=2a39, idProduct=3fa0, bcdDevice=20.3d
[  145.336219][ T7768] loop1: detected capacity change from 0 to 1024
[  145.338218][ T5989] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  145.355854][ T5989] usb 3-1: Product: syz
[  145.357759][ T5989] usb 3-1: Manufacturer: syz
[  145.359703][ T5989] usb 3-1: SerialNumber: syz
[  145.398003][ T7770] netlink: 8 bytes leftover after parsing attributes in process `syz.0.738'.
[  145.416069][ T1094] hfsplus: b-tree write err: -5, ino 4
[  145.461018][ T7772] loop0: detected capacity change from 0 to 64
[  146.063201][ T5989] snd-usb-audio 3-1:6.0: probe with driver snd-usb-audio failed with error -22
[  146.069030][ T5989] usb 3-1: USB disconnect, device number 12
[  146.104938][ T5939] udevd[5939]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:6.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  146.307062][ T7789] vlan2: entered allmulticast mode
[  146.309332][ T7789] batadv0: entered allmulticast mode
[  146.468890][ T7795] netlink: 56 bytes leftover after parsing attributes in process `syz.2.748'.
[  146.538494][ T7799] pim6reg: entered allmulticast mode
[  146.544738][ T7799] pim6reg: left allmulticast mode
[  146.964534][ T7804] loop0: detected capacity change from 0 to 32768
[  146.970358][ T7804] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.752 (7804)
[  147.000912][ T7804] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  147.030512][ T7804] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[  147.037338][ T7804] BTRFS warning (device loop0): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  147.321306][ T7804] BTRFS info (device loop0): rebuilding free space tree
[  147.421662][ T7804] BTRFS info (device loop0): disabling free space tree
[  147.452472][ T7804] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  147.474860][ T7804] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  147.524222][ T7804] BTRFS info (device loop0): enabling ssd optimizations
[  147.539937][ T7804] BTRFS info (device loop0): turning off barriers
[  147.556615][ T7804] BTRFS info (device loop0): turning on flush-on-commit
[  147.576058][ T7804] BTRFS info (device loop0): enabling disk space caching
[  147.592016][ T7804] BTRFS info (device loop0): force clearing of disk cache
[  147.611603][ T7804] BTRFS info (device loop0): force lzo compression, level 1
[  147.642036][ T7804] BTRFS info (device loop0): max_inline set to 86
[  147.928332][ T5947] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  148.406652][ T7840] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd
[  148.406963][ T7839] loop0: detected capacity change from 0 to 256
[  148.421893][ T6004] kernel write not supported for file /80/clear_refs (pid: 6004 comm: kworker/1:4)
[  148.444688][ T7839] exFAT-fs (loop0): failed to read boot sector
[  148.449054][ T7839] exFAT-fs (loop0): failed to recognize exfat type
[  148.660259][ T7843] netlink: 40 bytes leftover after parsing attributes in process `syz.2.763'.
[  148.733529][ T7848] netlink: 848 bytes leftover after parsing attributes in process `syz.1.765'.
[  148.836371][ T7850] loop2: detected capacity change from 0 to 4096
[  148.843307][ T7850] ntfs3(loop2): Different NTFS sector size (1024) and media sector size (512).
[  148.882524][ T7850] ntfs3(loop2): ino=1a, mi_enum_attr
[  148.884790][ T7850] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  149.863556][ T7879] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  149.925561][ T7875] loop1: detected capacity change from 0 to 32768
[  150.216833][ T7893] netlink: 4 bytes leftover after parsing attributes in process `syz.2.782'.
[  150.482639][ T6004] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  150.642396][ T6004] usb 3-1: Using ep0 maxpacket: 32
[  150.650503][ T6004] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  150.655971][ T6004] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 3
[  150.668350][ T6004] usb 3-1: New USB device found, idVendor=093b, idProduct=a104, bcdDevice= 0.01
[  150.672528][ T6004] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  150.676479][ T6004] usb 3-1: Product: syz
[  150.678599][ T6004] usb 3-1: Manufacturer: syz
[  150.680922][ T6004] usb 3-1: SerialNumber: syz
[  150.718288][ T6004] usb 3-1: config 0 descriptor??
[  150.765192][ T6004] go7007 3-1:0.0: probe with driver go7007 failed with error -12
[  151.169795][ T7897] loop0: detected capacity change from 0 to 32768
[  151.191633][ T7897] XFS: attr2 mount option is deprecated.
[  151.230468][ T7897] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  151.263483][ T7897] XFS (loop0): Ending clean mount
[  151.274705][ T7897] XFS (loop0): Quotacheck needed: Please wait.
[  151.301689][ T7897] XFS (loop0): Quotacheck: Done.
[  151.331879][ T5947] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  151.673061][ T7911] loop0: detected capacity change from 0 to 32768
[  151.680471][ T7911] (syz.0.787,7911,1):ocfs2_initialize_super:2087 ERROR: couldn't mount because of unsupported optional features (1).
[  151.685068][ T7911] (syz.0.787,7911,1):ocfs2_fill_super:1177 ERROR: status = -22
[  152.639403][ T7921] loop0: detected capacity change from 0 to 2048
[  152.665284][ T7921] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  153.315182][ T6004] usb 3-1: USB disconnect, device number 13
[  153.673654][ T7934] loop1: detected capacity change from 0 to 40427
[  153.679505][ T7934] F2FS-fs (loop1): build fault injection rate: 14
[  153.682339][ T7934] F2FS-fs (loop1): build fault injection type: 0x3bfe8c
[  153.688726][ T7934] F2FS-fs (loop1): invalid crc value
[  153.690388][ T7939] loop0: detected capacity change from 0 to 16
[  153.700908][    C1] F2FS-fs (loop1): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[  153.710556][ T7939] erofs (device loop0): dirblkbits 5 isn't supported
[  153.717676][    C1] F2FS-fs (loop1): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[  153.766647][ T7934] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  153.774859][ T7934] F2FS-fs (loop1): inject page alloc in f2fs_grab_cache_folio of __get_meta_folio+0x157/0x4f0
[  153.781802][ T7934] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  153.816687][ T7934] F2FS-fs (loop1): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x1d9/0xa40
[  153.827360][ T7934] F2FS-fs (loop1): inject dquot initialize in f2fs_dquot_initialize of f2fs_convert_inline_inode+0x677/0x880
[  153.834535][ T7934] F2FS-fs (loop1): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x1d9/0xa40
[  153.840747][ T7934] F2FS-fs (loop1): inject inconsistent footer in sanity_check_node_footer of f2fs_get_dnode_of_data+0xab1/0x1cf0
[  153.846108][ T7934] F2FS-fs (loop1): inconsistent node block, node_type:0, nid:16, node_footer[nid:16,ino:3,ofs:191623,cpver:0,blkaddr:0]
[  153.861193][ T7934] F2FS-fs (loop1): inject dquot initialize in f2fs_dquot_initialize of f2fs_evict_inode+0x782/0x19c0
[  153.936995][ T5940] syz-executor: attempt to access beyond end of device
[  153.936995][ T5940] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  153.969769][ T5940] CPU: 1 UID: 0 PID: 5940 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  153.969811][ T5940] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  153.969818][ T5940] Call Trace:
[  153.969824][ T5940]  <TASK>
[  153.969830][ T5940]  dump_stack_lvl+0x189/0x250
[  153.969852][ T5940]  ? __pfx_dump_stack_lvl+0x10/0x10
[  153.969864][ T5940]  ? __pfx_queue_work_on+0x10/0x10
[  153.969877][ T5940]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  153.969894][ T5940]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  153.969915][ T5940]  f2fs_handle_critical_error+0x37c/0x540
[  153.969938][ T5940]  f2fs_write_end_io+0x886/0xb60
[  153.969958][ T5940]  __submit_merged_bio+0x27a/0x6a0
[  153.969976][ T5940]  __submit_merged_write_cond+0x255/0x530
[  153.969995][ T5940]  f2fs_write_data_pages+0x261d/0x3000
[  153.970028][ T5940]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  153.970109][ T5940]  ? __lock_acquire+0xab9/0xd20
[  153.970153][ T5940]  ? do_raw_spin_lock+0x121/0x290
[  153.970192][ T5940]  ? do_raw_spin_unlock+0x4d/0x240
[  153.970208][ T5940]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  153.970218][ T5940]  do_writepages+0x32e/0x550
[  153.970241][ T5940]  ? do_raw_spin_unlock+0x4d/0x240
[  153.970263][ T5940]  filemap_fdatawrite+0x199/0x240
[  153.970280][ T5940]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  153.970342][ T5940]  ? do_raw_spin_unlock+0x4d/0x240
[  153.970359][ T5940]  f2fs_sync_dirty_inodes+0x31f/0x830
[  153.970399][ T5940]  f2fs_write_checkpoint+0x95a/0x1df0
[  153.970429][ T5940]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  153.970490][ T5940]  ? kill_f2fs_super+0x298/0x6c0
[  153.970509][ T5940]  kill_f2fs_super+0x2c3/0x6c0
[  153.970524][ T5940]  ? __pfx_kill_f2fs_super+0x10/0x10
[  153.970534][ T5940]  ? radix_tree_delete_item+0x2b6/0x400
[  153.970552][ T5940]  ? shrinker_free+0x2ce/0x3e0
[  153.970567][ T5940]  deactivate_locked_super+0xbc/0x130
[  153.970583][ T5940]  cleanup_mnt+0x425/0x4c0
[  153.970596][ T5940]  ? lockdep_hardirqs_on+0x9c/0x150
[  153.970610][ T5940]  task_work_run+0x1d4/0x260
[  153.970630][ T5940]  ? __pfx_task_work_run+0x10/0x10
[  153.970641][ T5940]  ? __x64_sys_umount+0x122/0x160
[  153.970678][ T5940]  ? exit_to_user_mode_loop+0x40/0x110
[  153.970698][ T5940]  exit_to_user_mode_loop+0xec/0x110
[  153.970732][ T5940]  do_syscall_64+0x2bd/0x3b0
[  153.970747][ T5940]  ? lockdep_hardirqs_on+0x9c/0x150
[  153.970757][ T5940]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.970768][ T5940]  ? exc_page_fault+0x9f/0xf0
[  153.970779][ T5940]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.970789][ T5940] RIP: 0033:0x7fbbe058ff57
[  153.970801][ T5940] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  153.970810][ T5940] RSP: 002b:00007ffe33611458 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  153.970824][ T5940] RAX: 0000000000000000 RBX: 00007fbbe0611c2d RCX: 00007fbbe058ff57
[  153.970850][ T5940] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe33611510
[  153.970857][ T5940] RBP: 00007ffe33611510 R08: 0000000000000000 R09: 0000000000000000
[  153.970863][ T5940] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe336125a0
[  153.970871][ T5940] R13: 00007fbbe0611c2d R14: 0000000000025894 R15: 00007ffe336125e0
[  153.970890][ T5940]  </TASK>
[  153.971224][ T5940] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  154.119608][ T7948] loop0: detected capacity change from 0 to 256
[  154.122108][ T7948] exfat: Deprecated parameter 'utf8'
[  154.127663][ T7948] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x4d7dfc9d, utbl_chksum : 0xe619d30d)
[  154.433158][ T7956] loop0: detected capacity change from 0 to 1024
[  154.445790][ T7956] EXT4-fs: Ignoring removed bh option
[  154.447978][ T7956] EXT4-fs: inline encryption not supported
[  154.450544][ T7956] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  154.458219][ T7956] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e018, mo2=0001]
[  154.461843][ T7956] EXT4-fs error (device loop0): ext4_ext_check_inode:523: inode #11: comm syz.0.806: pblk 0 bad header/extent: invalid magic - magic 0, entries 0, max 0(0), depth 0(0)
[  154.468153][ T7956] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.806: couldn't read orphan inode 11 (err -117)
[  154.473594][ T7956] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  154.493507][ T7956] System zones: 0-1, 3-12
[  154.495388][ T7956] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  154.515612][ T5947] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  154.882398][ T6004] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  154.932397][ T5989] usb 1-1: new low-speed USB device number 7 using dummy_hcd
[  155.033367][ T6004] usb 2-1: Using ep0 maxpacket: 32
[  155.045911][ T6004] usb 2-1: config 0 has an invalid interface number: 85 but max is 0
[  155.049263][ T6004] usb 2-1: config 0 has no interface number 0
[  155.054299][ T6004] usb 2-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  155.059848][ T6004] usb 2-1: config 0 interface 85 has no altsetting 0
[  155.065635][ T6004] usb 2-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  155.069316][ T6004] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  155.074296][ T6004] usb 2-1: Product: syz
[  155.076035][ T6004] usb 2-1: Manufacturer: syz
[  155.077984][ T6004] usb 2-1: SerialNumber: syz
[  155.083463][ T6004] usb 2-1: config 0 descriptor??
[  155.109218][ T5989] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  155.115338][ T5989] usb 1-1: config 0 has no interface number 0
[  155.118093][ T5989] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  155.125321][ T5989] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  155.134332][ T5989] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  155.148595][ T5989] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  155.156538][ T5989] usb 1-1: config 0 descriptor??
[  155.165450][ T7974] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  155.190989][ T5989] iowarrior 1-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  155.377004][ T7990] QAT: failed to copy from user cfg_data.
[  155.391837][ T5989] usb 1-1: USB disconnect, device number 7
[  155.496162][ T7994] netlink: 104 bytes leftover after parsing attributes in process `syz.2.821'.
[  155.709568][ T6004] appletouch 2-1:0.85: Geyser mode initialized.
[  155.715610][ T6004] input: appletouch as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.85/input/input6
[  155.919397][    T9] usb 2-1: USB disconnect, device number 9
[  155.946430][ T8005] loop0: detected capacity change from 0 to 128
[  155.954508][    T9] appletouch 2-1:0.85: input: appletouch disconnected
[  156.046850][   T26] kworker/u9:0: attempt to access beyond end of device
[  156.046850][   T26] loop0: rw=1, sector=145, nr_sectors = 16 limit=128
[  156.054036][   T26] kworker/u9:0: attempt to access beyond end of device
[  156.054036][   T26] loop0: rw=1, sector=169, nr_sectors = 8 limit=128
[  156.059663][   T26] kworker/u9:0: attempt to access beyond end of device
[  156.059663][   T26] loop0: rw=1, sector=185, nr_sectors = 8 limit=128
[  156.066697][   T26] kworker/u9:0: attempt to access beyond end of device
[  156.066697][   T26] loop0: rw=1, sector=201, nr_sectors = 8 limit=128
[  156.072556][   T26] kworker/u9:0: attempt to access beyond end of device
[  156.072556][   T26] loop0: rw=1, sector=217, nr_sectors = 8 limit=128
[  156.078539][   T26] kworker/u9:0: attempt to access beyond end of device
[  156.078539][   T26] loop0: rw=1, sector=233, nr_sectors = 8 limit=128
[  156.085930][   T26] kworker/u9:0: attempt to access beyond end of device
[  156.085930][   T26] loop0: rw=1, sector=249, nr_sectors = 8 limit=128
[  156.091886][   T26] kworker/u9:0: attempt to access beyond end of device
[  156.091886][   T26] loop0: rw=1, sector=265, nr_sectors = 8 limit=128
[  156.099745][   T26] kworker/u9:0: attempt to access beyond end of device
[  156.099745][   T26] loop0: rw=1, sector=281, nr_sectors = 8 limit=128
[  156.156395][ T8008] loop0: detected capacity change from 0 to 1024
[  156.186406][   T33] audit: type=1800 audit(1758711055.456:9): pid=8008 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.827" name=3A1B dev="loop0" ino=26 res=0 errno=0
[  156.206499][   T40] hfsplus: b-tree write err: -5, ino 4
[  156.288400][ T8012] loop0: detected capacity change from 0 to 512
[  156.298628][ T8012] EXT4-fs (loop0): Test dummy encryption mode enabled
[  156.328718][ T8012] EXT4-fs error (device loop0): __ext4_iget:5464: inode #11: block 1: comm syz.0.829: invalid block
[  156.333866][ T8012] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.829: couldn't read orphan inode 11 (err -117)
[  156.340498][ T8012] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  156.411562][ T8012] fscrypt: AES-256-CBC-CTS using implementation "cts(cbc(ecb(aes-fixed-time)))"
[  156.423277][ T8012] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 216 vs 220 free clusters
[  156.456247][ T5947] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  156.680754][ T8027] loop2: detected capacity change from 0 to 512
[  156.689984][ T8027] EXT4-fs: Ignoring removed oldalloc option
[  156.702810][ T8027] EXT4-fs: Ignoring removed orlov option
[  156.714603][ T8027] EXT4-fs: Invalid want_extra_isize 8
[  156.861097][ T8032] binder: binder_mmap: 8031 200000000000-200000b36000 bad vm_flags failed -1
[  156.867492][ T8032] binder: 8031:8032 ioctl c00c620f 0 returned -14
[  156.973286][ T8038] loop2: detected capacity change from 0 to 256
[  156.986858][ T8038] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  157.195215][ T8037] loop1: detected capacity change from 0 to 32768
[  157.199164][ T8037] bcachefs: bch2_fs_parse_param() Error parsing option move_bytes_in_flight: option_value
[  157.312482][ T6004] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  157.462537][ T6004] usb 3-1: Using ep0 maxpacket: 8
[  157.467528][ T6004] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  157.476725][ T6004] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  157.481228][ T6004] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  157.486007][ T6004] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  157.492556][ T6004] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  157.496489][ T6004] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  157.726545][ T6004] usb 3-1: GET_CAPABILITIES returned 0
[  157.728908][ T6004] usbtmc 3-1:16.0: can't read capabilities
[  157.902458][   T47] usb 2-1: new low-speed USB device number 10 using dummy_hcd
[  157.944471][ T5989] usb 3-1: USB disconnect, device number 14
[  158.054646][   T47] usb 2-1: LPM exit latency is zeroed, disabling LPM.
[  158.059575][   T47] usb 2-1: config 0 has no interfaces?
[  158.066028][   T47] usb 2-1: string descriptor 0 read error: -22
[  158.068841][   T47] usb 2-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=9a.90
[  158.073494][   T47] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  158.079138][   T47] usb 2-1: config 0 descriptor??
[  158.290212][   T47] usb 2-1: USB disconnect, device number 10
[  159.284661][ T8086] loop0: detected capacity change from 0 to 256
[  159.300912][ T8086] FAT-fs (loop0): Directory bread(block 64) failed
[  159.304108][ T8086] FAT-fs (loop0): Directory bread(block 65) failed
[  159.699070][ T8086] FAT-fs (loop0): Directory bread(block 66) failed
[  159.701954][ T8086] FAT-fs (loop0): Directory bread(block 67) failed
[  159.706909][ T8086] FAT-fs (loop0): Directory bread(block 68) failed
[  159.709811][ T8086] FAT-fs (loop0): Directory bread(block 69) failed
[  159.718274][ T8086] FAT-fs (loop0): Directory bread(block 70) failed
[  159.725751][ T8086] FAT-fs (loop0): Directory bread(block 71) failed
[  159.734567][ T8086] FAT-fs (loop0): Directory bread(block 72) failed
[  159.737366][ T8086] FAT-fs (loop0): Directory bread(block 73) failed
[  159.817811][ T8093] loop2: detected capacity change from 0 to 1024
[  159.860870][ T1094] hfsplus: b-tree write err: -5, ino 4
[  160.046972][ T8104] input: syz1 as /devices/virtual/input/input7
[  160.124095][ T8110] netlink: 'syz.0.872': attribute type 7 has an invalid length.
[  160.831461][ T8134] loop2: detected capacity change from 0 to 736
[  160.888522][ T8134] rock: directory entry would overflow storage
[  160.891369][ T8134] rock: sig=0x00, size=4, remaining=3
[  160.926032][ T8138] netlink: 1 bytes leftover after parsing attributes in process `syz.1.885'.
[  161.416129][ T8150] loop1: detected capacity change from 0 to 32768
[  161.422818][ T8150] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.890 (8150)
[  161.443247][ T8150] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  161.447490][ T8150] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm
[  161.534381][ T8150] BTRFS info (device loop1): enabling ssd optimizations
[  161.537322][ T8150] BTRFS info (device loop1): turning on async discard
[  161.540114][ T8150] BTRFS info (device loop1): enabling free space tree
[  161.562436][   T24] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  161.599042][ T5940] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  161.728691][ T8177] loop0: detected capacity change from 0 to 512
[  161.775599][   T24] usb 3-1: config 0 interface 0 altsetting 128 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  161.779964][   T24] usb 3-1: config 0 interface 0 altsetting 128 endpoint 0x81 has invalid wMaxPacketSize 0
[  161.794528][   T24] usb 3-1: config 0 interface 0 has no altsetting 0
[  161.802075][   T24] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  161.815310][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  161.821629][ T8177] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  161.835872][   T24] usb 3-1: config 0 descriptor??
[  161.845054][ T8177] ext4 filesystem being mounted at /305/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  162.102764][ T5315] IPVS: starting estimator thread 0...
[  162.202372][ T8187] IPVS: using max 45 ests per chain, 108000 per kthread
[  162.447662][   T24] usb 3-1: string descriptor 0 read error: -22
[  162.652354][   T24] uclogic 0003:256C:006D.0002: interface is invalid, ignoring
[  162.878800][ T5989] usb 3-1: USB disconnect, device number 15
[  163.062438][ T5315] usb 2-1: new full-speed USB device number 11 using dummy_hcd
[  163.231652][ T5315] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  163.241207][ T5315] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.256315][ T5315] usb 2-1: config 0 descriptor??
[  163.284157][ T5315] cp210x 2-1:0.0: cp210x converter detected
[  163.410607][ T5947] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.561339][ T8197] loop2: detected capacity change from 0 to 2048
[  163.574050][ T8197] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  163.709956][ T5315] usb 2-1: cp210x converter now attached to ttyUSB0
[  163.889069][ T8204] loop2: detected capacity change from 0 to 32768
[  163.900087][   T24] usb 2-1: USB disconnect, device number 11
[  163.908708][   T24] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  163.931015][ T8204] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  163.935256][   T24] cp210x 2-1:0.0: device disconnected
[  163.987664][ T7290] (syz-executor,7290,0):ocfs2_inode_is_valid_to_delete:948 ERROR: Skipping delete of system file 72
[  163.995845][ T7290] ocfs2: Unmounting device (7,2) on (node local)
[  164.132087][ T8208] loop2: detected capacity change from 0 to 1764
[  164.215709][ T8210] loop2: detected capacity change from 0 to 512
[  164.248377][ T8210] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.907: bg 0: block 248: padding at end of block bitmap is not set
[  164.257990][ T8210] Quota error (device loop2): write_blk: dquota write failed
[  164.261449][ T8210] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  164.267546][ T8210] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.907: Failed to acquire dquot type 1
[  164.281780][ T8210] EXT4-fs (loop2): 1 truncate cleaned up
[  164.285935][ T8210] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  164.291365][ T8210] ext4 filesystem being mounted at /85/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  164.336948][ T7290] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.341261][ T1094] Quota error (device loop2): do_check_range: Getting block 0 out of range 1-5
[  164.345703][ T1094] EXT4-fs error (device loop2): ext4_release_dquot:6973: comm kworker/u9:6: Failed to release dquot type 1
[  164.786133][ T5315] IPVS: starting estimator thread 0...
[  164.832837][   T24] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  164.839002][ T8235] loop0: detected capacity change from 0 to 1764
[  164.882394][ T8233] IPVS: using max 58 ests per chain, 139200 per kthread
[  165.622292][   T24] usb 3-1: Using ep0 maxpacket: 16
[  165.673495][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  165.678366][   T24] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  165.684335][   T24] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  165.688277][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  165.693898][   T24] usb 3-1: config 0 descriptor??
[  166.134530][   T24] HID 045e:07da: Invalid code 65791 type 1
[  166.137058][   T24] HID 045e:07da: Invalid code 768 type 1
[  166.138846][   T24] HID 045e:07da: Invalid code 769 type 1
[  166.147010][   T24] HID 045e:07da: Invalid code 770 type 1
[  166.149174][   T24] HID 045e:07da: Invalid code 771 type 1
[  166.151184][   T24] HID 045e:07da: Invalid code 772 type 1
[  166.154228][   T24] HID 045e:07da: Invalid code 773 type 1
[  166.156104][   T24] HID 045e:07da: Invalid code 774 type 1
[  166.158175][   T24] HID 045e:07da: Invalid code 775 type 1
[  166.160476][   T24] HID 045e:07da: Invalid code 776 type 1
[  166.171150][   T24] input: HID 045e:07da as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:045E:07DA.0003/input/input8
[  166.252644][   T24] microsoft 0003:045E:07DA.0003: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[  166.740469][ T8293] kAFS: unable to lookup cell '\/'
[  166.967843][ T5315] usb 3-1: USB disconnect, device number 16
[  167.627990][ T8314] loop1: detected capacity change from 0 to 4096
[  167.643279][ T8314] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512).
[  167.677167][ T8314] ntfs3(loop1): ino=19, mi_enum_attr
[  167.679477][ T8314] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  167.734619][ T8320] loop2: detected capacity change from 0 to 8
[  167.876563][ T8326] netlink: 4 bytes leftover after parsing attributes in process `syz.2.958'.
[  167.891586][ T8326] netlink: 4 bytes leftover after parsing attributes in process `syz.2.958'.
[  167.999156][ T8338] bridge_slave_0: default FDB implementation only supports local addresses
[  168.003707][ T8338] bridge_slave_0: default FDB implementation only supports local addresses
[  168.229970][ T6004] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  168.682804][ T6004] usb 1-1: Using ep0 maxpacket: 32
[  168.688255][ T6004] usb 1-1: unable to get BOS descriptor or descriptor too short
[  168.694405][ T6004] usb 1-1: config 120 has an invalid interface number: 86 but max is 0
[  168.698057][ T6004] usb 1-1: config 120 has no interface number 0
[  168.703050][ T6004] usb 1-1: New USB device found, idVendor=12d1, idProduct=9c20, bcdDevice=e5.af
[  168.706893][ T6004] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  168.710484][ T6004] usb 1-1: Product: syz
[  168.712985][ T6004] usb 1-1: Manufacturer: syz
[  168.714886][ T6004] usb 1-1: SerialNumber: syz
[  168.791016][ T8353] loop1: detected capacity change from 0 to 32768
[  168.812618][ T8353] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode.
[  168.860610][ T5940] ocfs2: Unmounting device (7,1) on (node local)
[  168.933886][ T6004] huawei_cdc_ncm 1-1:120.86: More than one union descriptor, skipping ...
[  168.936728][ T6004] huawei_cdc_ncm 1-1:120.86: CDC Union missing and no IAD found
[  168.939355][ T6004] huawei_cdc_ncm 1-1:120.86: bind() failure
[  168.949494][ T6004] usb 1-1: USB disconnect, device number 8
[  169.084758][ T8365] loop2: detected capacity change from 0 to 512
[  169.111811][ T8365] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1)
[  169.213358][ T8373] netlink: 128 bytes leftover after parsing attributes in process `syz.2.978'.
[  169.254554][ T8377] loop2: detected capacity change from 0 to 64
[  169.382546][ T8386] loop2: detected capacity change from 0 to 512
[  169.398102][ T8386] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  169.407202][ T8386] ext4 filesystem being mounted at /100/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  169.426711][ T8386] 9p: Unknown access argument unt-ro: -22
[  169.537926][ T7290] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.690651][ T8413] ALSA: mixer_oss: invalid OSS volume 'LI'
[  170.282465][   T24] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  170.432320][   T24] usb 3-1: Using ep0 maxpacket: 16
[  170.441494][   T24] usb 3-1: too many endpoints for config 1 interface 0 altsetting 0: 255, using maximum allowed: 30
[  170.448427][   T24] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  170.453139][   T24] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  170.457441][   T24] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  170.461516][   T24] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  170.467755][   T24] usb 3-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 255
[  170.486374][   T24] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  170.492136][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  170.495645][   T24] usb 3-1: SerialNumber: syz
[  170.508220][   T24] cdc_acm 3-1:1.0: probe with driver cdc_acm failed with error -12
[  170.718404][   T10] usb 3-1: USB disconnect, device number 17
[  170.812369][ T5315] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  170.962551][ T5315] usb 2-1: Using ep0 maxpacket: 16
[  170.966584][ T5315] usb 2-1: config 0 has an invalid interface number: 255 but max is 0
[  170.969980][ T5315] usb 2-1: config 0 has no interface number 0
[  170.975405][ T5315] usb 2-1: New USB device found, idVendor=1a0a, idProduct=0108, bcdDevice=da.32
[  170.982488][ T5315] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  170.987127][ T5315] usb 2-1: Product: syz
[  170.992501][ T5315] usb 2-1: Manufacturer: syz
[  171.002045][ T5315] usb 2-1: SerialNumber: syz
[  171.008056][ T5315] usb 2-1: config 0 descriptor??
[  171.016880][ T5315] usb_ehset_test 2-1:0.255: probe with driver usb_ehset_test failed with error -32
[  171.236369][   T24] usb 2-1: USB disconnect, device number 12
[  171.807816][ T8451] loop2: detected capacity change from 0 to 32768
[  171.910862][   T33] audit: type=1800 audit(1758711071.176:10): pid=8451 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1013" name="bus" dev="loop2" ino=7 res=0 errno=0
[  172.611549][ T8460] loop0: detected capacity change from 0 to 256
[  172.625259][ T8460] exfat: Deprecated parameter 'namecase'
[  172.638495][ T8460] exfat: Deprecated parameter 'namecase'
[  172.651333][ T8460] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xfcc0b04e, utbl_chksum : 0xe619d30d)
[  172.730937][ T8464] syz.0.1018(8464): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored.
[  172.795626][ T8466] loop0: detected capacity change from 0 to 256
[  172.919329][ T8472] loop0: detected capacity change from 0 to 764
[  173.122739][   T10] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  173.144637][ T8485] binder: 8483:8485 unknown command 0
[  173.146519][ T8485] binder: 8483:8485 ioctl c0306201 200000000080 returned -22
[  173.283498][   T10] usb 3-1: Using ep0 maxpacket: 8
[  173.287935][   T10] usb 3-1: config 0 interface 0 has no altsetting 0
[  173.290239][   T10] usb 3-1: New USB device found, idVendor=17ef, idProduct=61ae, bcdDevice= 0.00
[  173.296692][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  173.308623][   T10] usb 3-1: config 0 descriptor??
[  173.366890][ T8500] loop0: detected capacity change from 0 to 4096
[  173.370830][ T8500] ntfs3(loop0): Different NTFS sector size (2048) and media sector size (512).
[  173.396691][ T8500] ntfs3(loop0): Failed to initialize $Extend/$ObjId.
[  173.511953][ T8505] loop1: detected capacity change from 0 to 4096
[  173.517562][ T8505] EXT4-fs: Ignoring removed mblk_io_submit option
[  173.532279][ T8505] EXT4-fs (loop1): Test dummy encryption mode enabled
[  173.553604][ T8505] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  173.745609][ T5940] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.772799][   T10] lenovo 0003:17EF:61AE.0004: hidraw0: USB HID vff.ff Device [HID 17ef:61ae] on usb-dummy_hcd.2-1/input0
[  174.167710][   T10] usb 3-1: USB disconnect, device number 18
[  174.367726][ T8524] loop1: detected capacity change from 0 to 8192
[  174.395048][ T8524] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 1043)
[  174.400200][ T8524] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 1043)
[  174.407468][ T8524] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 1043)
[  174.410744][ T8524] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 1043)
[  174.416536][ T8524] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 1043)
[  174.420339][ T8524] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 1043)
[  174.426518][ T8524] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 1043)
[  174.445710][ T8524] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 1043)
[  174.450253][ T8524] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 1043)
[  174.454258][ T8524] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 1043)
[  174.458701][ T8524] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 1043)
[  174.468104][   T33] audit: type=1800 audit(1758711073.736:11): pid=8524 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1045" name="file2" dev="loop1" ino=1048696 res=0 errno=0
[  174.660399][ T5238] Bluetooth: hci1: link tx timeout
[  174.664887][ T5238] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa
[  174.671709][ T5238] Bluetooth: hci1: link tx timeout
[  174.675056][ T5238] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa
[  174.798901][ T8545] loop0: detected capacity change from 0 to 8
[  174.910029][ T8550] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  175.990736][ T8563] loop2: detected capacity change from 0 to 1024
[  176.003239][ T8563] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  176.010571][ T8563] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  176.029005][ T8563] jbd2_journal_init_inode: Cannot locate journal superblock
[  176.039179][ T8563] EXT4-fs (loop2): Could not load journal inode
[  176.138707][ T8567] loop2: detected capacity change from 0 to 2048
[  176.169601][ T8567] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  176.508843][ T8575] netlink: 'syz.2.1068': attribute type 10 has an invalid length.
[  176.512987][ T6004] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  176.522898][ T8575] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  176.690795][ T6004] usb 1-1: New USB device found, idVendor=045e, idProduct=02bf, bcdDevice=7b.41
[  176.694918][ T6004] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  176.698467][ T6004] usb 1-1: Product: syz
[  176.700419][ T6004] usb 1-1: Manufacturer: syz
[  176.704223][ T6004] usb 1-1: SerialNumber: syz
[  176.715209][ T5238] Bluetooth: hci1: command 0x0406 tx timeout
[  176.734241][ T6004] usb 1-1: config 0 descriptor??
[  176.739088][ T6004] gspca_main: kinect-2.14.0 probing 045e:02bf
[  176.862666][ T8586] loop1: detected capacity change from 0 to 512
[  176.866440][ T8586] EXT4-fs: Ignoring removed nobh option
[  176.884744][ T8586] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.1073: iget: bad i_size value: 38620345925642
[  176.892343][ T8586] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.1073: couldn't read orphan inode 15 (err -117)
[  176.904679][ T8586] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  176.950071][ T5315] usb 1-1: USB disconnect, device number 9
[  177.017922][ T8586] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.1073: bg 0: block 5: invalid block bitmap
[  177.027452][ T8586] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 16 with error 28
[  177.033959][ T8586] EXT4-fs (loop1): This should not happen!! Data will be lost
[  177.033959][ T8586] 
[  177.037892][ T8586] EXT4-fs (loop1): Total free blocks count 0
[  177.040156][ T8586] EXT4-fs (loop1): Free/Dirty block details
[  177.042296][ T8586] EXT4-fs (loop1): free_blocks=0
[  177.044238][ T8586] EXT4-fs (loop1): dirty_blocks=1424
[  177.046023][ T8586] EXT4-fs (loop1): Block reservation details
[  177.048087][ T8586] EXT4-fs (loop1): i_reserved_data_blocks=1424
[  177.058457][ T1094] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 16 with max blocks 1404 with error 28
[  177.397075][ T8601] loop1: detected capacity change from 0 to 2048
[  177.406344][ T8601] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  177.568745][ T8605] kernel read not supported for file /   (pid: 8605 comm: syz.2.1082)
[  177.578389][   T33] audit: type=1800 audit(1758711076.846:12): pid=8605 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1082" name=200120 dev="mqueue" ino=16814 res=0 errno=0
[  177.668298][   T33] audit: type=1804 audit(1758711076.936:13): pid=8611 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1084" name="/newroot/374/file0" dev="tmpfs" ino=1961 res=1 errno=0
[  177.760029][ T8617] netlink: 203516 bytes leftover after parsing attributes in process `syz.2.1087'.
[  177.778945][ T8617] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  177.782120][ T8617] openvswitch: netlink: Duplicate key (type 0).
[  178.073389][ T8621] loop1: detected capacity change from 0 to 32768
[  178.079164][ T8621] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1089 (8621)
[  178.103527][ T8621] BTRFS info (device loop1): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  178.163627][ T8638] loop2: detected capacity change from 0 to 128
[  178.203649][ T8621] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  178.213833][ T8638] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  178.230591][ T8638] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  178.601681][ T8621] BTRFS info (device loop1): enabling ssd optimizations
[  178.609523][ T8621] BTRFS info (device loop1): enabling free space tree
[  178.684951][ T5940] BTRFS info (device loop1): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  178.926133][ T5315] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  179.077703][ T5315] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  179.083378][ T8660] loop1: detected capacity change from 0 to 40427
[  179.089178][ T8660] F2FS-fs (loop1): Image doesn't support compression
[  179.091821][ T5315] usb 1-1: New USB device strings: Mfr=0, Product=16, SerialNumber=0
[  179.095685][ T5315] usb 1-1: Product: syz
[  179.098306][ T8660] F2FS-fs (loop1): build fault injection rate: 690
[  179.100682][ T8660] F2FS-fs (loop1): build fault injection type: 0x35f7
[  179.101582][ T5315] usb 1-1: config 0 descriptor??
[  179.109069][ T8660] F2FS-fs (loop1): invalid crc value
[  179.117062][ T5315] cp210x 1-1:0.0: cp210x converter detected
[  179.159361][ T8660] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  179.169409][ T8660] F2FS-fs (loop1): Start checkpoint disabled!
[  179.179836][ T8660] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  179.522976][ T5315] cp210x 1-1:0.0: failed to get vendor val 0x0010 size 3: -32
[  179.537850][ T5315] usb 1-1: cp210x converter now attached to ttyUSB0
[  179.636683][ T8685] loop2: detected capacity change from 0 to 512
[  179.647138][ T8685] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  179.688659][ T8685] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  179.706283][ T8685] ext4 filesystem being mounted at /133/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  179.731689][ T5315] usb 1-1: USB disconnect, device number 10
[  179.744642][ T5315] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  179.756430][ T5315] cp210x 1-1:0.0: device disconnected
[  179.765313][ T8683] loop1: detected capacity change from 0 to 4096
[  179.779935][ T7290] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.949164][ T8695] loop2: detected capacity change from 0 to 512
[  179.971391][ T8695] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  180.000905][ T8695] EXT4-fs (loop2): 1 truncate cleaned up
[  180.005340][ T8695] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  180.057123][ T7290] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  180.167965][ T8699] loop2: detected capacity change from 0 to 4096
[  180.174748][ T8699] EXT4-fs (loop2): Test dummy encryption mode enabled
[  180.179556][ T8699] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[  180.184265][ T8699] System zones: 0-5
[  180.190427][ T8699] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  180.217204][ T8704] loop1: detected capacity change from 0 to 1024
[  180.260639][ T1094] hfsplus: b-tree write err: -5, ino 4
[  180.322861][ T7290] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  180.567301][ T8723] dlm: no locking on control device
[  180.617542][ T8726] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  180.621956][ T8728] loop1: detected capacity change from 0 to 256
[  180.628151][ T8726] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  180.654643][ T8728] FAT-fs (loop1): Directory bread(block 64) failed
[  180.657891][ T8728] FAT-fs (loop1): Directory bread(block 65) failed
[  180.665841][ T8728] FAT-fs (loop1): Directory bread(block 66) failed
[  180.668667][ T8728] FAT-fs (loop1): Directory bread(block 67) failed
[  180.673873][ T8728] FAT-fs (loop1): Directory bread(block 68) failed
[  180.681013][ T8728] FAT-fs (loop1): Directory bread(block 69) failed
[  180.684169][ T8728] FAT-fs (loop1): Directory bread(block 70) failed
[  180.688160][ T8728] FAT-fs (loop1): Directory bread(block 71) failed
[  180.695321][ T8728] FAT-fs (loop1): Directory bread(block 72) failed
[  180.700662][ T8728] FAT-fs (loop1): Directory bread(block 73) failed
[  180.721646][ T8728] FAT-fs (loop1): Filesystem has been set read-only
[  180.726408][   T33] audit: type=1800 audit(1758711079.996:14): pid=8728 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1127" name="rdma.current" dev="loop1" ino=1048697 res=0 errno=0
[  180.768478][ T8732] loop1: detected capacity change from 0 to 65
[  180.780524][ T8732] BFS-fs: bfs_fill_super(): NOTE: filesystem loop1 was created with 512 inodes, the real maximum is 511, mounting anyway
[  180.932497][ T6004] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  181.082316][ T6004] usb 3-1: Using ep0 maxpacket: 16
[  181.086681][ T6004] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  181.090477][ T6004] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  181.095145][ T6004] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  181.101952][ T6004] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  181.107031][ T6004] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  181.110603][ T6004] usb 3-1: Product: syz
[  181.112689][ T6004] usb 3-1: Manufacturer: syz
[  181.114811][ T6004] usb 3-1: SerialNumber: syz
[  181.162422][   T24] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  181.323285][   T24] usb 2-1: Using ep0 maxpacket: 8
[  181.337865][   T24] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  181.341412][   T24] usb 2-1: config 0 has no interface number 0
[  181.352878][   T24] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  181.357656][   T24] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  181.361725][   T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  181.370146][   T24] usb 2-1: config 0 descriptor??
[  181.381859][   T24] iowarrior 2-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  181.537870][ T6004] usb 3-1: 0:2 : does not exist
[  181.553623][ T8755] netlink: 'syz.0.1140': attribute type 8 has an invalid length.
[  182.343266][ T5315] usb 3-1: USB disconnect, device number 19
[  182.643234][ T6004] usb 2-1: USB disconnect, device number 13
[  182.705152][ T8765] loop0: detected capacity change from 0 to 256
[  182.759459][ T8765] exFAT-fs (loop0): failed to load upcase table (idx : 0x000106cd, chksum : 0x3aeaf2c0, utbl_chksum : 0xe619d30d)
[  182.776736][ T8765] exFAT-fs (loop0): valid_size(10) is greater than size(0)
[  182.796372][ T8765] exFAT-fs (loop0): error, in sector 160, dentry 11 should be unused, but 0xc1
[  182.800582][ T8765] exFAT-fs (loop0): Filesystem has been set read-only
[  183.158560][ T8777] loop2: detected capacity change from 0 to 4096
[  183.167959][ T8777] ntfs3(loop2): Different NTFS sector size (1024) and media sector size (512).
[  183.575165][ T6004] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  183.892449][ T6004] usb 3-1: Using ep0 maxpacket: 32
[  183.942237][ T6004] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 9
[  183.999910][ T6004] usb 3-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  184.010694][ T6004] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  184.019980][ T6004] usb 3-1: Product: syz
[  184.024972][ T6004] usb 3-1: Manufacturer: syz
[  184.030231][ T6004] usb 3-1: SerialNumber: syz
[  184.063103][ T6004] usb 3-1: config 0 descriptor??
[  184.089926][ T8783] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  184.097255][ T6004] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input9
[  184.448462][   T10] usb 3-1: USB disconnect, device number 20
[  184.448631][    C1] usbtouchscreen 3-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19
[  185.255040][ T8808] loop2: detected capacity change from 0 to 1024
[  185.684871][ T8817] loop2: detected capacity change from 0 to 512
[  185.740585][ T8817] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  185.749503][ T8817] ext4 filesystem being mounted at /154/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  185.957841][ T8826] nftables ruleset with unbound chain
[  185.962121][ T8824] loop0: detected capacity change from 0 to 1024
[  186.508979][ T8834] net veth1_virt_wifi : renamed from virt_wifi0
[  186.586686][ T7290] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  188.057212][ T8882] loop2: detected capacity change from 0 to 1024
[  188.136159][ T8879] loop1: detected capacity change from 0 to 40427
[  188.142073][ T8879] F2FS-fs (loop1): build fault injection rate: 690
[  188.149300][ T8879] F2FS-fs (loop1): invalid crc value
[  188.209066][ T8879] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  188.217283][ T8879] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  188.247308][ T8879] bio_check_eod: 35 callbacks suppressed
[  188.247327][ T8879] syz.1.1190: attempt to access beyond end of device
[  188.247327][ T8879] loop1: rw=2049, sector=45096, nr_sectors = 128 limit=40427
[  188.287928][ T5940] syz-executor: attempt to access beyond end of device
[  188.287928][ T5940] loop1: rw=2049, sector=45224, nr_sectors = 8 limit=40427
[  188.296241][ T5940] CPU: 0 UID: 0 PID: 5940 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  188.296256][ T5940] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  188.296261][ T5940] Call Trace:
[  188.296264][ T5940]  <TASK>
[  188.296268][ T5940]  dump_stack_lvl+0x189/0x250
[  188.296286][ T5940]  ? __pfx_dump_stack_lvl+0x10/0x10
[  188.296295][ T5940]  ? __pfx_queue_work_on+0x10/0x10
[  188.296303][ T5940]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  188.296316][ T5940]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  188.296332][ T5940]  f2fs_handle_critical_error+0x37c/0x540
[  188.296347][ T5940]  f2fs_write_end_io+0x886/0xb60
[  188.296363][ T5940]  __submit_merged_bio+0x27a/0x6a0
[  188.296376][ T5940]  __submit_merged_write_cond+0x255/0x530
[  188.296390][ T5940]  f2fs_write_data_pages+0x261d/0x3000
[  188.296412][ T5940]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  188.296425][ T5940]  ? kernel_text_address+0xa5/0xe0
[  188.296449][ T5940]  ? stack_depot_save_flags+0x40/0x860
[  188.296469][ T5940]  ? cleanup_mnt+0x425/0x4c0
[  188.296477][ T5940]  ? task_work_run+0x1d4/0x260
[  188.296485][ T5940]  ? exit_to_user_mode_loop+0xec/0x110
[  188.296499][ T5940]  ? __lock_acquire+0xab9/0xd20
[  188.296538][ T5940]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  188.296546][ T5940]  do_writepages+0x32e/0x550
[  188.296561][ T5940]  ? do_raw_spin_unlock+0x4d/0x240
[  188.296572][ T5940]  filemap_fdatawrite+0x199/0x240
[  188.296583][ T5940]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  188.296613][ T5940]  ? do_raw_spin_unlock+0x4d/0x240
[  188.296624][ T5940]  f2fs_sync_dirty_inodes+0x31f/0x830
[  188.296638][ T5940]  f2fs_write_checkpoint+0x95a/0x1df0
[  188.296656][ T5940]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  188.296683][ T5940]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  188.296720][ T5940]  ? kfree+0x18e/0x440
[  188.296730][ T5940]  ? kill_f2fs_super+0x298/0x6c0
[  188.296741][ T5940]  kill_f2fs_super+0x2c3/0x6c0
[  188.296752][ T5940]  ? __pfx_kill_f2fs_super+0x10/0x10
[  188.296758][ T5940]  ? radix_tree_delete_item+0x2b6/0x400
[  188.296769][ T5940]  ? shrinker_free+0x2ce/0x3e0
[  188.296779][ T5940]  deactivate_locked_super+0xbc/0x130
[  188.296794][ T5940]  cleanup_mnt+0x425/0x4c0
[  188.296805][ T5940]  ? lockdep_hardirqs_on+0x9c/0x150
[  188.296818][ T5940]  task_work_run+0x1d4/0x260
[  188.296839][ T5940]  ? __pfx_task_work_run+0x10/0x10
[  188.296850][ T5940]  ? __x64_sys_umount+0x122/0x160
[  188.296870][ T5940]  ? exit_to_user_mode_loop+0x40/0x110
[  188.296899][ T5940]  exit_to_user_mode_loop+0xec/0x110
[  188.296914][ T5940]  do_syscall_64+0x2bd/0x3b0
[  188.296925][ T5940]  ? lockdep_hardirqs_on+0x9c/0x150
[  188.296935][ T5940]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.296945][ T5940]  ? exc_page_fault+0x9f/0xf0
[  188.296959][ T5940]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.296970][ T5940] RIP: 0033:0x7fbbe058ff57
[  188.296981][ T5940] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  188.296991][ T5940] RSP: 002b:00007ffe33611458 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  188.297004][ T5940] RAX: 0000000000000000 RBX: 00007fbbe0611c2d RCX: 00007fbbe058ff57
[  188.297012][ T5940] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe33611510
[  188.297019][ T5940] RBP: 00007ffe33611510 R08: 0000000000000000 R09: 0000000000000000
[  188.297026][ T5940] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe336125a0
[  188.297033][ T5940] R13: 00007fbbe0611c2d R14: 000000000002def5 R15: 00007ffe336125e0
[  188.297055][ T5940]  </TASK>
[  188.298242][ T5940] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  188.479582][ T8897] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1197'.
[  188.820659][   T10] kernel write not supported for file /uinput (pid: 10 comm: kworker/0:1)
[  188.852497][ T8915] loop2: detected capacity change from 0 to 1024
[  188.883526][ T8915] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  188.901843][ T8915] EXT4-fs error (device loop2): ext4_get_first_dir_block:3552: inode #11: comm syz.2.1205: directory missing '..'
[  188.923703][ T7290] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  188.936197][ T8905] loop0: detected capacity change from 0 to 32768
[  188.997244][ T8905] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  189.017847][ T8905] XFS (loop0): Ending clean mount
[  189.023916][ T8905] XFS (loop0): Quotacheck needed: Please wait.
[  189.042402][    T9] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  189.077105][ T8905] XFS (loop0): Quotacheck: Done.
[  189.111477][ T8934] binfmt_misc: register: failed to install interpreter file ./file0
[  189.141021][ T5947] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  189.195200][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  189.205945][ T8936] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1211'.
[  189.222315][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  189.225483][    T9] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  189.230119][    T9] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  189.242367][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  189.264751][    T9] usb 2-1: config 0 descriptor??
[  189.559548][ T8943] loop2: detected capacity change from 0 to 32768
[  189.586432][ T8943] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  189.653086][ T8943] XFS (loop2): Ending clean mount
[  189.663753][ T8943] XFS (loop2): Quotacheck needed: Please wait.
[  189.712583][    T9] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  189.712642][ T8943] XFS (loop2): Quotacheck: Done.
[  189.780907][ T7290] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  189.967787][ T7699] usb 2-1: USB disconnect, device number 14
[  190.042795][ T6004] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  190.206238][ T6004] usb 1-1: Using ep0 maxpacket: 16
[  190.213885][ T6004] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  190.219943][ T6004] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 1023
[  190.229631][ T6004] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  190.233960][ T6004] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  190.237301][ T6004] usb 1-1: Product: syz
[  190.239149][ T6004] usb 1-1: Manufacturer: syz
[  190.241230][ T6004] usb 1-1: SerialNumber: syz
[  190.467562][ T8964] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  190.590192][ T8985] loop2: detected capacity change from 0 to 40427
[  190.594370][ T8985] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504)
[  190.597208][ T8985] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  190.600710][ T8985] F2FS-fs (loop2): build fault injection rate: 2
[  190.603330][ T8985] F2FS-fs (loop2): build fault injection type: 0x6
[  190.611558][ T8985] F2FS-fs (loop2): inject page alloc in f2fs_grab_cache_folio of __get_meta_folio+0x157/0x4f0
[  190.616076][ T8985] F2FS-fs (loop2): inject page alloc in f2fs_grab_cache_folio of __get_meta_folio+0x157/0x4f0
[  190.620326][ T8985] F2FS-fs (loop2): inject page alloc in f2fs_grab_cache_folio of __get_meta_folio+0x157/0x4f0
[  190.625559][ T8985] F2FS-fs (loop2): invalid crc value
[  190.636953][ T8985] F2FS-fs (loop2): inject kvmalloc in f2fs_kvmalloc of f2fs_fill_super+0x4429/0x6ff0
[  190.640354][ T8985] F2FS-fs (loop2): Failed to initialize F2FS segment manager (-12)
[  191.094516][ T8964] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  191.205099][ T9009] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1239'.
[  191.209449][ T9009] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1239'.
[  191.301767][ T6004] cdc_ncm 1-1:1.0: failed to get mac address
[  191.502517][    T9] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  191.510727][ T6004] cdc_ncm 1-1:1.0: bind() failure
[  191.534120][ T6004] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found
[  191.537259][ T6004] cdc_ncm 1-1:1.1: bind() failure
[  191.660569][    T9] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  191.665153][    T9] usb 2-1: config 1 has no interface number 1
[  191.667222][    T9] usb 2-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0
[  191.671694][    T9] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 127, changing to 7
[  191.688245][    T9] usb 2-1: string descriptor 0 read error: -22
[  191.694961][    T9] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  191.698953][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  191.734866][    T9] usb 2-1: found format II with max.bitrate = 2, frame size=62645
[  191.737772][    T9] usb 2-1: found format II with max.bitrate = 2, frame size=62645
[  191.762610][ T5315] usb 1-1: USB disconnect, device number 11
[  192.062547][    T9] usb 2-1: USB disconnect, device number 15
[  192.348336][   T33] audit: type=1326 audit(1758711091.616:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9012 comm="syz.0.1241" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dd278ec29 code=0x7ffc0000
[  192.356896][ T9015] loop2: detected capacity change from 0 to 2048
[  192.360480][   T33] audit: type=1326 audit(1758711091.626:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9012 comm="syz.0.1241" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dd278ec29 code=0x7ffc0000
[  192.368670][   T33] audit: type=1326 audit(1758711091.626:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9012 comm="syz.0.1241" exe="/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f9dd278ec29 code=0x7ffc0000
[  192.372583][ T9015] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  192.384419][   T33] audit: type=1326 audit(1758711091.626:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9012 comm="syz.0.1241" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dd278ec29 code=0x7ffc0000
[  192.402549][   T33] audit: type=1326 audit(1758711091.626:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9012 comm="syz.0.1241" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dd278ec29 code=0x7ffc0000
[  192.424003][   T33] audit: type=1326 audit(1758711091.636:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9012 comm="syz.0.1241" exe="/syz-executor" sig=0 arch=c000003e syscall=47 compat=0 ip=0x7f9dd278ec29 code=0x7ffc0000
[  192.442455][   T33] audit: type=1326 audit(1758711091.636:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9012 comm="syz.0.1241" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dd278ec29 code=0x7ffc0000
[  192.452349][   T33] audit: type=1326 audit(1758711091.636:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9012 comm="syz.0.1241" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dd278ec29 code=0x7ffc0000
[  192.563044][ T9024] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1246'.
[  192.650941][ T9017] loop0: detected capacity change from 0 to 32768
[  192.666201][ T9017] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  192.694563][ T9017] XFS (loop0): Ending clean mount
[  192.765150][ T5947] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  192.955566][ T9048] netlink: 'syz.1.1256': attribute type 8 has an invalid length.
[  193.095451][ T6002] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  193.179706][ T6002] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  193.250002][ T6002] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  193.312879][ T6002] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  193.386986][ T5238] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  193.395753][ T5238] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  193.399531][ T5238] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  193.410296][ T5238] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  193.414278][ T5238] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  193.531390][ T6002] bridge_slave_1: left allmulticast mode
[  193.533796][ T6002] bridge_slave_1: left promiscuous mode
[  193.535682][ T6002] bridge0: port 2(bridge_slave_1) entered disabled state
[  193.544504][ T6002] bridge_slave_0: left allmulticast mode
[  193.546496][ T6002] bridge_slave_0: left promiscuous mode
[  193.548620][ T6002] bridge0: port 1(bridge_slave_0) entered disabled state
[  193.948562][ T6002] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  193.959161][ T6002] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  193.969596][ T6002] bond0 (unregistering): (slave wlan1): Releasing backup interface
[  194.001746][ T6002] bond0 (unregistering): Released all slaves
[  194.089870][ T1365] ieee802154 phy0 wpan0: encryption failed: -22
[  194.095256][ T1365] ieee802154 phy1 wpan1: encryption failed: -22
[  194.770046][ T6002] hsr_slave_0: left promiscuous mode
[  194.778132][ T6002] hsr_slave_1: left promiscuous mode
[  194.784571][ T6002] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  194.791822][ T6002] batman_adv: batadv0: Removing interface: batadv_slave_0
[  194.801269][ T6002] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  194.805329][ T6002] batman_adv: batadv0: Removing interface: batadv_slave_1
[  194.841388][ T6002] veth1_macvtap: left promiscuous mode
[  194.858859][ T6002] veth0_macvtap: left promiscuous mode
[  194.864931][ T6002] veth0_vlan: left promiscuous mode
[  194.889841][ T9083] loop1: detected capacity change from 0 to 512
[  194.903774][ T9083] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (340!=2687)
[  194.912399][ T9083] EXT4-fs (loop1): group descriptors corrupted!
[  195.512922][ T5946] Bluetooth: hci1: command tx timeout
[  195.898660][ T6002] team0 (unregistering): Port device team_slave_1 removed
[  195.946229][ T6002] team0 (unregistering): Port device team_slave_0 removed
[  196.169057][ T5946] Bluetooth: hci0: command 0x0406 tx timeout
[  196.169107][   T54] Bluetooth: hci2: command 0x0406 tx timeout
[  196.440045][ T9059] chnl_net:caif_netlink_parms(): no params data found
[  196.565737][ T9059] bridge0: port 1(bridge_slave_0) entered blocking state
[  196.568299][ T9059] bridge0: port 1(bridge_slave_0) entered disabled state
[  196.570890][ T9059] bridge_slave_0: entered allmulticast mode
[  196.574483][ T9059] bridge_slave_0: entered promiscuous mode
[  196.578074][ T9059] bridge0: port 2(bridge_slave_1) entered blocking state
[  196.580866][ T9059] bridge0: port 2(bridge_slave_1) entered disabled state
[  196.583854][ T9059] bridge_slave_1: entered allmulticast mode
[  196.586772][ T9059] bridge_slave_1: entered promiscuous mode
[  196.616440][ T9059] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  196.621861][ T9059] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  196.661183][ T9059] team0: Port device team_slave_0 added
[  196.664723][ T9059] team0: Port device team_slave_1 added
[  196.683889][ T9059] batman_adv: batadv0: Adding interface: batadv_slave_0
[  196.688988][ T9059] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  196.704844][ T9059] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  196.710909][ T9059] batman_adv: batadv0: Adding interface: batadv_slave_1
[  196.714892][ T9059] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  196.730853][ T9059] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  196.813406][ T9120] loop0: detected capacity change from 0 to 4096
[  196.819708][ T9120] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[  196.825026][ T9059] hsr_slave_0: entered promiscuous mode
[  196.835582][ T9059] hsr_slave_1: entered promiscuous mode
[  196.840933][ T9120] ntfs3(loop0): ino=3, ntfs_set_state failed, -22.
[  196.844865][ T9059] debugfs: 'hsr0' already exists in 'hsr'
[  196.847355][ T9120] ntfs3(loop0): Failed to initialize $Extend/$Reparse.
[  196.852286][ T9059] Cannot create hsr debugfs directory
[  196.876722][ T9120] ntfs3(loop0): ino=5, "/" indx_read
[  196.931056][   T28] ntfs3(loop0): ino=3, ntfs3_write_inode failed, -22.
[  196.942115][ T5947] ntfs3(loop0): ino=3, ntfs_set_state failed, -22.
[  196.946641][ T5947] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  196.951454][ T5947] ntfs3(loop0): ino=3, ntfs_set_state failed, -22.
[  196.954673][ T1094] ntfs3(loop0): ino=3, ntfs3_write_inode failed, -22.
[  197.194946][ T9059] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  197.200553][ T9059] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  197.205427][ T9059] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  197.218421][ T9059] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  197.242931][ T9059] bridge0: port 2(bridge_slave_1) entered blocking state
[  197.245427][ T9059] bridge0: port 2(bridge_slave_1) entered forwarding state
[  197.248058][ T9059] bridge0: port 1(bridge_slave_0) entered blocking state
[  197.250401][ T9059] bridge0: port 1(bridge_slave_0) entered forwarding state
[  197.284787][ T9059] 8021q: adding VLAN 0 to HW filter on device bond0
[  197.297156][ T1205] bridge0: port 1(bridge_slave_0) entered disabled state
[  197.297319][ T9131] loop0: detected capacity change from 0 to 32768
[  197.303759][ T1205] bridge0: port 2(bridge_slave_1) entered disabled state
[  197.308670][ T9131] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1275 (9131)
[  197.352484][ T9131] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  197.356821][ T9131] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  197.396092][ T9059] 8021q: adding VLAN 0 to HW filter on device team0
[  197.407753][   T27] bridge0: port 1(bridge_slave_0) entered blocking state
[  197.410246][   T27] bridge0: port 1(bridge_slave_0) entered forwarding state
[  197.421406][   T27] bridge0: port 2(bridge_slave_1) entered blocking state
[  197.424164][   T27] bridge0: port 2(bridge_slave_1) entered forwarding state
[  197.482942][ T9131] BTRFS info (device loop0): enabling ssd optimizations
[  197.485858][ T9131] BTRFS info (device loop0): enabling free space tree
[  197.596046][ T5947] BTRFS info (device loop0): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  197.601503][ T5941] Bluetooth: hci1: command tx timeout
[  197.630186][ T9162] loop1: detected capacity change from 0 to 4096
[  197.637710][ T9162] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512).
[  197.653137][ T9059] 8021q: adding VLAN 0 to HW filter on device batadv0
[  197.726335][ T9059] veth0_vlan: entered promiscuous mode
[  197.731941][ T9059] veth1_vlan: entered promiscuous mode
[  197.765087][ T9059] veth0_macvtap: entered promiscuous mode
[  197.785722][ T9059] veth1_macvtap: entered promiscuous mode
[  197.800915][ T9059] batman_adv: batadv0: Interface activated: batadv_slave_0
[  197.808434][ T9059] batman_adv: batadv0: Interface activated: batadv_slave_1
[  197.817930][ T6002] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  197.821111][ T6002] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  197.828743][ T6002] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  198.036061][ T6002] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  198.041660][ T9174] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1280'.
[  198.056886][ T9174] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1280'.
[  198.093438][   T64] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  198.104119][   T64] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  198.150442][ T3737] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  198.158335][ T3737] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  198.952696][ T9181] loop3: detected capacity change from 0 to 131072
[  198.962290][ T9181] F2FS-fs (loop3): invalid crc value
[  199.050985][ T9181] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  199.141180][ T9181] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  199.673263][ T5941] Bluetooth: hci1: command tx timeout
[  199.731886][ T9210] loop0: detected capacity change from 0 to 512
[  200.021218][ T9218] loop1: detected capacity change from 0 to 1024
[  200.071645][ T9218] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  200.075989][ T9218] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  200.092383][ T9218] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (59422!=20869)
[  200.096071][ T9218] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  200.132130][ T9218] EXT4-fs error (device loop1): ext4_get_journal_inode:5800: inode #17: comm syz.1.1294: iget: bad i_size value: 4398046511204
[  200.140421][ T9218] EXT4-fs (loop1): no journal found
[  200.533803][ T5989] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  200.705517][ T5989] usb 1-1: Using ep0 maxpacket: 16
[  200.732044][ T5989] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 26232, setting to 64
[  200.759396][ T5989] usb 1-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=7b.55
[  200.772338][ T5989] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  200.782301][ T5989] usb 1-1: Product: syz
[  200.784074][ T5989] usb 1-1: Manufacturer: syz
[  200.786047][ T5989] usb 1-1: SerialNumber: syz
[  200.804035][ T9227] netlink: 'syz.3.1298': attribute type 4 has an invalid length.
[  200.804499][ T5989] usb 1-1: config 0 descriptor??
[  200.809314][ T9227] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1298'.
[  200.861266][ T5989] usb 1-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  201.072580][ T5969] usb 1-1: Failed to submit usb control message: -71
[  201.083560][ T7699] usb 1-1: USB disconnect, device number 12
[  201.097456][ T5969] usb 1-1: unable to send the bmi data to the device: -71
[  201.124520][ T5969] usb 1-1: unable to get target info from device
[  201.130108][ T5969] usb 1-1: could not get target info (-71)
[  201.133114][ T5969] usb 1-1: could not probe fw (-71)
[  201.762772][ T5941] Bluetooth: hci1: command tx timeout
[  202.287062][ T7699] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  202.456319][ T7699] usb 1-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[  202.460356][ T7699] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  202.466465][ T7699] usb 1-1: Product: syz
[  202.469132][ T7699] usb 1-1: Manufacturer: syz
[  202.471349][ T7699] usb 1-1: SerialNumber: syz
[  202.475186][ T7699] usb 1-1: config 0 descriptor??
[  202.483942][ T7699] gspca_main: sunplus-2.14.0 probing 04fc:504a
[  202.880583][ T7699] gspca_sunplus: reg_r err -71
[  202.885591][ T7699] usb 1-1: USB disconnect, device number 13
[  203.323820][ T9271] overlayfs: failed to decode file handle (len=6, type=251, flags=0, err=-22)
[  203.521908][ T9281] loop0: detected capacity change from 0 to 1024
[  203.527083][ T9281] EXT4-fs: Ignoring removed nobh option
[  203.533292][ T9281] EXT4-fs: Ignoring removed bh option
[  203.569074][ T9281] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  203.651201][ T5947] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  203.761316][ T9296] loop0: detected capacity change from 0 to 1024
[  203.815912][   T40] hfsplus: b-tree write err: -5, ino 4
[  203.857322][ T9298] dlm: non-version read from control device 36
[  204.090020][ T9304] loop3: detected capacity change from 0 to 4096
[  204.592047][ T9313] comedi comedi1: bad chanlist[0]=0x00000004 chan=4 range length=1
[  204.645379][ T9315] loop3: detected capacity change from 0 to 512
[  204.649907][ T9315] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  204.669579][ T9315] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.1326: couldn't read orphan inode 26 (err -116)
[  204.676199][ T9315] EXT4-fs (loop3): Remounting filesystem read-only
[  204.680434][ T9315] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  204.686813][ T9315] ext4 filesystem being mounted at /13/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  204.706147][ T9059] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  204.805092][ T9321] loop3: detected capacity change from 0 to 4096
[  204.824097][ T9321] ntfs3(loop3): ino=b, mi_enum_attr
[  204.826906][ T9321] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  204.830099][ T9321] ntfs3(loop3): Failed to load $Extend (-22).
[  204.832987][ T9321] ntfs3(loop3): Failed to initialize $Extend.
[  205.188211][ T9335] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  205.238825][ T9338] loop3: detected capacity change from 0 to 256
[  205.393337][ T9342] netlink: 'syz.0.1338': attribute type 2 has an invalid length.
[  205.404563][ T9343] netlink: 'syz.1.1333': attribute type 4 has an invalid length.
[  205.407226][ T9343] netlink: 17 bytes leftover after parsing attributes in process `syz.1.1333'.
[  205.740886][ T9349] netlink: 'syz.3.1341': attribute type 3 has an invalid length.
[  205.925923][ T9354] loop0: detected capacity change from 0 to 32768
[  205.943923][ T9354] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  205.958345][   T33] audit: type=1800 audit(1758711105.226:23): pid=9354 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1344" name="file1" dev="loop0" ino=17058 res=0 errno=0
[  206.094843][ T5315] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  206.242685][ T5315] usb 4-1: Using ep0 maxpacket: 16
[  206.251728][ T5315] usb 4-1: config 1 has an invalid interface number: 105 but max is 0
[  206.256671][ T5315] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  206.262050][ T5315] usb 4-1: config 1 has no interface number 0
[  206.270772][ T5315] usb 4-1: config 1 interface 105 altsetting 2 endpoint 0x4 has invalid wMaxPacketSize 0
[  206.277115][ T5315] usb 4-1: config 1 interface 105 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  206.285598][ T5315] usb 4-1: config 1 interface 105 has no altsetting 0
[  206.291989][ T5315] usb 4-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.08
[  206.298145][ T5315] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  206.305755][ T5315] usb 4-1: Product: syz
[  206.307643][ T5315] usb 4-1: Manufacturer: syz
[  206.310314][ T5315] usb 4-1: SerialNumber: syz
[  206.402575][    T9] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  206.531559][ T5315] aqc111 4-1:1.105: probe with driver aqc111 failed with error -22
[  206.552632][    T9] usb 2-1: Using ep0 maxpacket: 32
[  206.556562][    T9] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 219
[  206.566961][    T9] usb 2-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5
[  206.571051][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  206.574984][    T9] usb 2-1: Product: syz
[  206.577017][    T9] usb 2-1: Manufacturer: syz
[  206.579656][    T9] usb 2-1: SerialNumber: syz
[  206.586075][    T9] usb 2-1: config 0 descriptor??
[  206.589315][ T9366] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  206.598898][    T9] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  206.742832][ T5315] usb 4-1: USB disconnect, device number 2
[  206.773662][ T5947] ocfs2: Unmounting device (7,0) on (node local)
[  206.828916][    T9] usb 2-1: USB disconnect, device number 16
[  206.863685][ T9367] udevd[9367]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  207.400804][ T9390] loop3: detected capacity change from 0 to 4096
[  207.630978][ T9403] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1360'.
[  207.698196][ T9408] loop1: detected capacity change from 0 to 256
[  207.941563][ T9407] loop3: detected capacity change from 0 to 32768
[  207.953487][ T9407] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1362 (9407)
[  208.000666][ T9407] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  208.006193][ T9407] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm
[  208.083756][ T5939] udevd[5939]: '/usr/bin/udevadm trigger -s block -p ID_BTRFS_READY=0' [9426] terminated by signal 33 (Unknown signal 33)
[  208.190874][ T9407] BTRFS info (device loop3): enabling ssd optimizations
[  208.236667][ T9407] BTRFS info (device loop3): enabling free space tree
[  208.339264][ T5297] udevd[5297]: worker [5939] terminated by signal 33 (Unknown signal 33)
[  208.342648][ T9059] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  208.350733][ T5297] udevd[5297]: worker [5939] failed while handling '/devices/virtual/block/loop3'
[  208.543063][ T9451] loop3: detected capacity change from 0 to 1024
[  208.590821][ T9451] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  208.674197][ T9059] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  208.871524][ T9445] loop0: detected capacity change from 0 to 40427
[  208.882548][ T9445] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  208.885728][ T9445] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  208.914092][ T9445] F2FS-fs (loop0): invalid crc value
[  208.974532][ T9445] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  208.981024][ T9445] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  208.984596][ T9445] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  209.091105][   T33] audit: type=1804 audit(1758711108.356:24): pid=9445 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1369" name="/newroot/459/bus/file1" dev="loop0" ino=10 res=1 errno=0
[  211.107679][ T9506] loop3: detected capacity change from 0 to 128
[  211.121356][   T33] audit: type=1800 audit(1758711110.386:25): pid=9445 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1369" name="file1" dev="loop0" ino=10 res=0 errno=0
[  211.134467][ T9506] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  211.165873][ T5947] syz-executor: attempt to access beyond end of device
[  211.165873][ T5947] loop0: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  211.175382][ T5947] CPU: 0 UID: 0 PID: 5947 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  211.175395][ T5947] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  211.175399][ T5947] Call Trace:
[  211.175402][ T5947]  <TASK>
[  211.175406][ T5947]  dump_stack_lvl+0x189/0x250
[  211.175455][ T5947]  ? __pfx_dump_stack_lvl+0x10/0x10
[  211.175466][ T5947]  ? __pfx_queue_work_on+0x10/0x10
[  211.175475][ T5947]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  211.175487][ T5947]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  211.175502][ T5947]  f2fs_handle_critical_error+0x37c/0x540
[  211.175522][ T5947]  f2fs_write_end_io+0x886/0xb60
[  211.175537][ T5947]  __submit_merged_bio+0x27a/0x6a0
[  211.175547][ T5947]  ? up_write+0x1c4/0x420
[  211.175557][ T5947]  __submit_merged_write_cond+0x44c/0x530
[  211.175571][ T5947]  f2fs_sync_node_pages+0x1479/0x15e0
[  211.175588][ T5947]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  211.175608][ T5947]  ? f2fs_write_checkpoint+0xe43/0x1df0
[  211.175617][ T5947]  ? up_write+0x1c4/0x420
[  211.175624][ T5947]  ? do_raw_spin_unlock+0x4d/0x240
[  211.175634][ T5947]  f2fs_write_checkpoint+0xe6f/0x1df0
[  211.175651][ T5947]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  211.175677][ T5947]  ? kill_f2fs_super+0x298/0x6c0
[  211.175687][ T5947]  kill_f2fs_super+0x2c3/0x6c0
[  211.175696][ T5947]  ? __pfx_kill_f2fs_super+0x10/0x10
[  211.175703][ T5947]  ? radix_tree_delete_item+0x2b6/0x400
[  211.175713][ T5947]  ? shrinker_free+0x2ce/0x3e0
[  211.175723][ T5947]  deactivate_locked_super+0xbc/0x130
[  211.175732][ T5947]  cleanup_mnt+0x425/0x4c0
[  211.175740][ T5947]  ? lockdep_hardirqs_on+0x9c/0x150
[  211.175749][ T5947]  task_work_run+0x1d4/0x260
[  211.175760][ T5947]  ? __pfx_task_work_run+0x10/0x10
[  211.175769][ T5947]  ? __x64_sys_umount+0x122/0x160
[  211.175781][ T5947]  ? exit_to_user_mode_loop+0x40/0x110
[  211.175792][ T5947]  exit_to_user_mode_loop+0xec/0x110
[  211.175802][ T5947]  do_syscall_64+0x2bd/0x3b0
[  211.175810][ T5947]  ? lockdep_hardirqs_on+0x9c/0x150
[  211.175816][ T5947]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  211.175823][ T5947]  ? exc_page_fault+0x9f/0xf0
[  211.175830][ T5947]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  211.175837][ T5947] RIP: 0033:0x7f9dd278ff57
[  211.175845][ T5947] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  211.175852][ T5947] RSP: 002b:00007ffca896c868 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  211.175861][ T5947] RAX: 0000000000000000 RBX: 00007f9dd2811c2d RCX: 00007f9dd278ff57
[  211.175866][ T5947] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffca896c920
[  211.175870][ T5947] RBP: 00007ffca896c920 R08: 0000000000000000 R09: 0000000000000000
[  211.175874][ T5947] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffca896d9b0
[  211.175878][ T5947] R13: 00007f9dd2811c2d R14: 0000000000033109 R15: 00007ffca896d9f0
[  211.175890][ T5947]  </TASK>
[  211.175893][ T5947] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  211.325573][ T9508] loop3: detected capacity change from 0 to 512
[  211.343933][ T9508] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2
[  211.357406][ T9508] EXT4-fs (loop3): 1 truncate cleaned up
[  211.367723][ T9508] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  211.377227][ T9508] EXT4-fs error (device loop3): ext4_append:79: inode #2: comm syz.3.1389: Logical block already allocated
[  211.384702][ T9508] EXT4-fs (loop3): Remounting filesystem read-only
[  211.409272][ T9059] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  212.189304][ T9531] loop0: detected capacity change from 0 to 16
[  212.224450][ T9531] erofs (device loop0): mounted with root inode @ nid 36.
[  213.266894][ T9548] cgroup: noprefix used incorrectly
[  213.604950][ T9558] loop3: detected capacity change from 0 to 4096
[  213.697793][ T9561] loop1: detected capacity change from 0 to 256
[  213.705506][ T9561] exfat: Deprecated parameter 'utf8'
[  213.707544][ T9561] exfat: Deprecated parameter 'namecase'
[  213.709793][ T9561] exfat: Deprecated parameter 'namecase'
[  213.714910][ T9561] exfat: Deprecated parameter 'utf8'
[  213.720118][ T9561] exFAT-fs (loop1): failed to load upcase table (idx : 0x00012153, chksum : 0x0fac38ce, utbl_chksum : 0xe619d30d)
[  213.754102][ T9561] exFAT-fs (loop1): start_clu is invalid cluster(0x400)
[  213.886846][ T6004] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  214.159625][ T6004] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  214.164384][ T6004] usb 1-1: config 0 has no interfaces?
[  214.170153][ T6004] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  214.181293][ T6004] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  214.188383][ T6004] usb 1-1: Product: syz
[  214.190489][ T6004] usb 1-1: Manufacturer: syz
[  214.197059][ T6004] usb 1-1: SerialNumber: syz
[  214.203185][ T6004] usb 1-1: config 0 descriptor??
[  214.528580][ T9581] comedi comedi2: dt2814: I/O port conflict (0x780e041b,2)
[  214.569646][ T6004] usb 1-1: USB disconnect, device number 14
[  214.659192][ T9588] loop3: detected capacity change from 0 to 512
[  214.666110][ T9588] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  214.677066][ T9588] EXT4-fs (loop3): 1 truncate cleaned up
[  214.681668][ T9588] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  214.723678][ T9059] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  214.976073][ T9599] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  214.976658][ T6004] IPVS: starting estimator thread 0...
[  215.082358][ T9601] IPVS: using max 40 ests per chain, 96000 per kthread
[  216.582282][ T9629] loop0: detected capacity change from 0 to 64
[  217.323712][   T47] usb 4-1: new full-speed USB device number 3 using dummy_hcd
[  217.601484][   T47] usb 4-1: unable to get BOS descriptor or descriptor too short
[  217.631657][   T47] usb 4-1: unable to read config index 0 descriptor/start: -71
[  217.647482][   T47] usb 4-1: can't read configurations, error -71
[  218.346132][ T9670] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1456'.
[  218.346193][ T9670] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1456'.
[  218.381847][ T5315] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  218.532363][ T5315] usb 1-1: Using ep0 maxpacket: 8
[  218.535310][ T5315] usb 1-1: config 0 has an invalid interface number: 130 but max is 0
[  218.540031][ T5315] usb 1-1: config 0 has no interface number 0
[  218.766466][ T9681] netlink: 1347 bytes leftover after parsing attributes in process `syz.1.1461'.
[  218.899679][ T5315] usb 1-1: New USB device found, idVendor=2013, idProduct=0246, bcdDevice=e6.56
[  219.325912][ T9695] netlink: 'syz.1.1468': attribute type 3 has an invalid length.
[  219.328680][ T9695] netlink: 'syz.1.1468': attribute type 1 has an invalid length.
[  219.331834][ T9695] netlink: 193500 bytes leftover after parsing attributes in process `syz.1.1468'.
[  219.428004][ T5315] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  219.432466][ T5315] usb 1-1: Product: syz
[  219.434179][ T5315] usb 1-1: Manufacturer: syz
[  219.436153][ T5315] usb 1-1: SerialNumber: syz
[  219.447122][ T5315] usb 1-1: config 0 descriptor??
[  219.461647][ T5315] as10x_usb: device has been detected
[  219.465265][ T5315] dvbdev: DVB: registering new adapter (PCTV Systems picoStick (74e))
[  219.504251][ T5315] usb 1-1: DVB: registering adapter 1 frontend 0 (PCTV Systems picoStick (74e))...
[  219.525960][ T5315] as10x_usb: error during firmware upload part1
[  219.528471][ T5315] Registered device PCTV Systems picoStick (74e)
[  219.649445][ T9710] loop3: detected capacity change from 0 to 512
[  219.849874][ T7699] usb 1-1: USB disconnect, device number 15
[  219.938378][ T7699] Unregistered device PCTV Systems picoStick (74e)
[  219.940646][ T7699] as10x_usb: device has been disconnected
[  220.785979][ T9721] netlink: 'syz.1.1479': attribute type 10 has an invalid length.
[  220.860924][ T9721] team0: Port device syz_tun added
[  221.392839][ T9719] loop0: detected capacity change from 0 to 32768
[  221.464511][ T6554]  loop0: p1 p2 p3 < p5 p6 >
[  221.477863][ T6554] loop0: p1 size 242222080 extends beyond EOD, truncated
[  221.551217][ T6554] loop0: p2 start 4294967295 is beyond EOD, truncated
[  221.601982][ T9730] loop1: detected capacity change from 0 to 512
[  221.616835][ T9730] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  221.659039][ T9719]  loop0: p1 p2 p3 < p5 p6 >
[  221.666710][ T9730] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #17: comm syz.1.1482: iget: bad i_size value: -6917529027641081756
[  221.683169][ T9719] loop0: p1 size 242222080 extends beyond EOD, truncated
[  221.687884][ T9730] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.1482: couldn't read orphan inode 17 (err -117)
[  221.694722][ T9719] loop0: p2 start 4294967295 is beyond EOD, truncated
[  221.704388][ T9730] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  221.774518][ T5940] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.827080][ T5297]  loop0: p1 p2 p3 < p5 p6 >
[  221.829403][ T5297] loop0: p1 size 242222080 extends beyond EOD, truncated
[  221.839784][ T5297] loop0: p2 start 4294967295 is beyond EOD, truncated
[  222.985824][ T5943] udevd[5943]: inotify_add_watch(7, /dev/loop0p6, 10) failed: No such file or directory
[  222.986678][ T6554] udevd[6554]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[  222.994029][ T9367] udevd[9367]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory
[  223.000736][ T9368] udevd[9368]: inotify_add_watch(7, /dev/loop0p5, 10) failed: No such file or directory
[  223.733688][ T9751] loop1: detected capacity change from 0 to 16384
[  223.830068][ T9749] loop0: detected capacity change from 0 to 32768
[  223.875732][ T9751] bcachefs (loop1): starting version 1.13: inode_has_child_snapshots opts=errors=continue,metadata_checksum=none,data_checksum=xxhash,erasure_code,grpquota,prjquota,norecovery,reconstruct_alloc,version_upgrade=none,nocow
[  223.875756][ T9751]   features: new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  223.893870][ T9751] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0
[  223.900853][ T9751] bcachefs (loop1): invalid journal entry, version=1.13: inode_has_child_snapshots type=clock in superblock: bad size, fixing
[  223.912868][ T9751] bcachefs (loop1): recovering from clean shutdown, journal seq 18
[  223.917613][ T9751] bcachefs (loop1): dropping and reconstructing all alloc info
[  223.941020][ T9751] bcachefs (loop1): accounting_read... done
[  223.948364][ T9751] bcachefs (loop1): alloc_read... done
[  223.951036][ T9751] bcachefs (loop1): snapshots_read... done
[  223.955084][ T9751] bcachefs (loop1): Fixed errors, running fsck a second time to verify fs is clean
[  223.959609][ T9751] bcachefs (loop1): reading quotas
[  223.963994][ T9751] bcachefs (loop1): quotas done
[  223.966899][ T9751] bcachefs (loop1): done starting filesystem
[  224.022133][ T5940] bcachefs (loop1): shutting down
[  224.045074][ T5940] bcachefs (loop1): shutdown complete
[  224.265462][ T9768] netlink: 'syz.0.1496': attribute type 1 has an invalid length.
[  224.371070][ T9773] loop0: detected capacity change from 0 to 164
[  224.546908][ T9779] loop0: detected capacity change from 0 to 512
[  224.551089][ T9779] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  224.590794][ T9779] EXT4-fs error (device loop0): ext4_orphan_get:1418: comm syz.0.1502: bad orphan inode 32
[  224.603104][ T9779] ext4_test_bit(bit=31, block=4) = 0
[  224.605511][ T9779] EXT4-fs (loop0): 1 orphan inode deleted
[  224.610809][ T9779] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  224.653714][ T5947] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.669262][ T9785] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1503'.
[  226.041225][ T9825] input: syz0 as /devices/virtual/input/input10
[  226.132412][ T5315] usb 4-1: new full-speed USB device number 5 using dummy_hcd
[  226.258130][ T9836] loop1: detected capacity change from 0 to 512
[  226.276447][ T9836] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0007-000000000000 r/w without journal. Quota mode: writeback.
[  226.280576][ T9836] ext4 filesystem being mounted at /511/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  226.293355][ T5315] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  226.297800][ T9836] Quota error (device loop1): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0
[  226.301649][ T9836] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 64512
[  226.306753][ T9836] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.1525: Failed to acquire dquot type 0
[  226.313419][ T5315] usb 4-1: New USB device found, idVendor=0f11, idProduct=2000, bcdDevice=c7.bc
[  226.316537][ T5315] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  226.319165][ T5315] usb 4-1: Product: syz
[  226.320866][ T5315] usb 4-1: Manufacturer: syz
[  226.323956][    T9] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  226.326621][ T5315] usb 4-1: SerialNumber: syz
[  226.330765][ T5315] usb 4-1: config 0 descriptor??
[  226.339641][ T5940] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0007-000000000000.
[  226.343902][ T5315] ldusb 4-1:0.0: Interrupt in endpoint not found
[  226.472366][    T9] usb 1-1: Using ep0 maxpacket: 16
[  226.475663][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  226.480951][    T9] usb 1-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  226.485944][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  226.489107][    T9] usb 1-1: Product: syz
[  226.490969][    T9] usb 1-1: Manufacturer: syz
[  226.493334][    T9] usb 1-1: SerialNumber: syz
[  226.496752][    T9] usb 1-1: config 0 descriptor??
[  226.500559][    T9] hub 1-1:0.0: bad descriptor, ignoring hub
[  226.503409][    T9] hub 1-1:0.0: probe with driver hub failed with error -5
[  226.507828][    T9] input: syz syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input11
[  226.563044][ T5315] usb 4-1: USB disconnect, device number 5
[  226.613650][ T6004] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  226.711284][ T9827] pim6reg: entered allmulticast mode
[  226.794181][ T6004] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  226.798527][ T6004] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  226.802113][ T6004] usb 2-1: New USB device found, idVendor=05ac, idProduct=025b, bcdDevice= 0.00
[  226.805788][ T6004] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  226.810990][ T6004] usb 2-1: config 0 descriptor??
[  226.922979][   T10] usb 1-1: USB disconnect, device number 16
[  227.229836][ T6004] apple 0003:05AC:025B.0006: hidraw0: USB HID v0.00 Device [HID 05ac:025b] on usb-dummy_hcd.1-1/input0
[  227.426650][ T6004] usb 2-1: USB disconnect, device number 17
[  227.481966][ T9849] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1529'.
[  227.486084][ T9849] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1529'.
[  227.564102][ T9851] loop3: detected capacity change from 0 to 8192
[  227.568051][ T9851] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  227.785447][ T9862] netlink: 'syz.0.1535': attribute type 14 has an invalid length.
[  228.051367][ T9865] loop0: detected capacity change from 0 to 16
[  228.054171][ T9865] MTD: Attempt to mount non-MTD device "/dev/loop0"
[  228.057622][ T9865] cramfs: bad root offset 4
[  228.086402][ T9867] netlink: 320 bytes leftover after parsing attributes in process `syz.1.1537'.
[  228.090382][ T9867] ==================================================================
[  228.093575][ T9867] BUG: KASAN: slab-use-after-free in xfrm_alloc_spi+0x570/0xf30
[  228.096109][ T9867] Read of size 4 at addr ffff88810c6180c4 by task syz.1.1537/9867
[  228.100025][ T9867] 
[  228.101022][ T9867] CPU: 0 UID: 0 PID: 9867 Comm: syz.1.1537 Not tainted syzkaller #0 PREEMPT(full) 
[  228.101037][ T9867] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  228.101045][ T9867] Call Trace:
[  228.101052][ T9867]  <TASK>
[  228.101056][ T9867]  dump_stack_lvl+0x189/0x250
[  228.101068][ T9867]  ? __kasan_check_byte+0x12/0x40
[  228.101080][ T9867]  ? __pfx_dump_stack_lvl+0x10/0x10
[  228.101089][ T9867]  ? lock_release+0x4b/0x3e0
[  228.101101][ T9867]  ? __virt_addr_valid+0x4a5/0x5c0
[  228.101110][ T9867]  print_report+0xca/0x240
[  228.101118][ T9867]  ? xfrm_alloc_spi+0x570/0xf30
[  228.101127][ T9867]  kasan_report+0x118/0x150
[  228.101141][ T9867]  ? xfrm_alloc_spi+0x570/0xf30
[  228.101156][ T9867]  xfrm_alloc_spi+0x570/0xf30
[  228.101168][ T9867]  ? xfrm_alloc_spi+0x2a0/0xf30
[  228.101182][ T9867]  ? __pfx_xfrm_alloc_spi+0x10/0x10
[  228.101197][ T9867]  ? xfrm_find_acq+0x87/0xa0
[  228.101260][ T9867]  xfrm_alloc_userspi+0x70b/0xc90
[  228.101289][ T9867]  ? apparmor_capable+0x137/0x1b0
[  228.101303][ T9867]  ? __pfx_xfrm_alloc_userspi+0x10/0x10
[  228.101314][ T9867]  ? __nla_parse+0x40/0x60
[  228.101323][ T9867]  xfrm_user_rcv_msg+0x7a3/0xab0
[  228.101334][ T9867]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  228.101349][ T9867]  ? __pfx___mutex_trylock_common+0x10/0x10
[  228.101358][ T9867]  ? rcu_is_watching+0x15/0xb0
[  228.101365][ T9867]  ? trace_contention_end+0x39/0x120
[  228.101372][ T9867]  ? __mutex_lock+0x335/0x1350
[  228.101381][ T9867]  netlink_rcv_skb+0x208/0x470
[  228.101389][ T9867]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  228.101397][ T9867]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  228.101406][ T9867]  ? netlink_deliver_tap+0x2e/0x1b0
[  228.101412][ T9867]  ? netlink_deliver_tap+0x2e/0x1b0
[  228.101419][ T9867]  xfrm_netlink_rcv+0x79/0x90
[  228.101428][ T9867]  netlink_unicast+0x82f/0x9e0
[  228.101441][ T9867]  ? __pfx_netlink_unicast+0x10/0x10
[  228.101452][ T9867]  ? netlink_sendmsg+0x642/0xb30
[  228.101458][ T9867]  ? skb_put+0x11b/0x210
[  228.101468][ T9867]  netlink_sendmsg+0x805/0xb30
[  228.101477][ T9867]  ? __pfx_netlink_sendmsg+0x10/0x10
[  228.101486][ T9867]  ? aa_sock_msg_perm+0xf1/0x1d0
[  228.101493][ T9867]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  228.101501][ T9867]  ? __pfx_netlink_sendmsg+0x10/0x10
[  228.101507][ T9867]  __sock_sendmsg+0x21c/0x270
[  228.101518][ T9867]  ____sys_sendmsg+0x505/0x830
[  228.101527][ T9867]  ? __pfx_____sys_sendmsg+0x10/0x10
[  228.101537][ T9867]  ? import_iovec+0x74/0xa0
[  228.101546][ T9867]  ___sys_sendmsg+0x21f/0x2a0
[  228.101554][ T9867]  ? __pfx____sys_sendmsg+0x10/0x10
[  228.101567][ T9867]  ? __fget_files+0x2a/0x420
[  228.101573][ T9867]  ? __fget_files+0x3a0/0x420
[  228.101580][ T9867]  __x64_sys_sendmsg+0x19b/0x260
[  228.101588][ T9867]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  228.101598][ T9867]  ? rcu_is_watching+0x15/0xb0
[  228.101605][ T9867]  ? do_syscall_64+0xbe/0x3b0
[  228.101613][ T9867]  do_syscall_64+0xfa/0x3b0
[  228.101619][ T9867]  ? lockdep_hardirqs_on+0x9c/0x150
[  228.101626][ T9867]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  228.101632][ T9867]  ? exc_page_fault+0x9f/0xf0
[  228.101639][ T9867]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  228.101645][ T9867] RIP: 0033:0x7fbbe058ec29
[  228.101653][ T9867] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  228.101660][ T9867] RSP: 002b:00007fbbe144b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  228.101669][ T9867] RAX: ffffffffffffffda RBX: 00007fbbe07d5fa0 RCX: 00007fbbe058ec29
[  228.101674][ T9867] RDX: 000000000400c8c0 RSI: 0000200000000200 RDI: 0000000000000003
[  228.101678][ T9867] RBP: 00007fbbe0611e41 R08: 0000000000000000 R09: 0000000000000000
[  228.101682][ T9867] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  228.101686][ T9867] R13: 00007fbbe07d6038 R14: 00007fbbe07d5fa0 R15: 00007ffe336121c8
[  228.101694][ T9867]  </TASK>
[  228.101697][ T9867] 
[  228.229807][ T9867] Allocated by task 9242:
[  228.231325][ T9867]  kasan_save_track+0x3e/0x80
[  228.233068][ T9867]  __kasan_slab_alloc+0x6c/0x80
[  228.234726][ T9867]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[  228.236771][ T9867]  xfrm_state_alloc+0x24/0x2f0
[  228.238700][ T9867]  pfkey_add+0x6e4/0x2e00
[  228.240499][ T9867]  pfkey_sendmsg+0xbfe/0x1090
[  228.242422][ T9867]  __sock_sendmsg+0x21c/0x270
[  228.244149][ T9867]  ____sys_sendmsg+0x505/0x830
[  228.245880][ T9867]  ___sys_sendmsg+0x21f/0x2a0
[  228.247486][ T9867]  __x64_sys_sendmsg+0x19b/0x260
[  228.249174][ T9867]  do_syscall_64+0xfa/0x3b0
[  228.250687][ T9867]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  228.252821][ T9867] 
[  228.253653][ T9867] Freed by task 47:
[  228.255220][ T9867]  kasan_save_track+0x3e/0x80
[  228.256844][ T9867]  kasan_save_free_info+0x46/0x50
[  228.258587][ T9867]  __kasan_slab_free+0x5b/0x80
[  228.260187][ T9867]  kmem_cache_free+0x18f/0x400
[  228.261791][ T9867]  xfrm_state_gc_task+0x52d/0x6b0
[  228.263498][ T9867]  process_scheduled_works+0xae1/0x17b0
[  228.265346][ T9867]  worker_thread+0x8a0/0xda0
[  228.266879][ T9867]  kthread+0x711/0x8a0
[  228.268291][ T9867]  ret_from_fork+0x439/0x7d0
[  228.270117][ T9867]  ret_from_fork_asm+0x1a/0x30
[  228.271741][ T9867] 
[  228.272544][ T9867] The buggy address belongs to the object at ffff88810c618000
[  228.272544][ T9867]  which belongs to the cache xfrm_state of size 928
[  228.277369][ T9867] The buggy address is located 196 bytes inside of
[  228.277369][ T9867]  freed 928-byte region [ffff88810c618000, ffff88810c6183a0)
[  228.282143][ T9867] 
[  228.283110][ T9867] The buggy address belongs to the physical page:
[  228.285484][ T9867] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88810c618000 pfn:0x10c618
[  228.289040][ T9867] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  228.292437][ T9867] flags: 0x57ff00000000040(head|node=1|zone=2|lastcpupid=0x7ff)
[  228.295667][ T9867] page_type: f5(slab)
[  228.297315][ T9867] raw: 057ff00000000040 ffff88801affc640 dead000000000122 0000000000000000
[  228.300304][ T9867] raw: ffff88810c618000 00000000800e000d 00000000f5000000 0000000000000000
[  228.303331][ T9867] head: 057ff00000000040 ffff88801affc640 dead000000000122 0000000000000000
[  228.306142][ T9867] head: ffff88810c618000 00000000800e000d 00000000f5000000 0000000000000000
[  228.309039][ T9867] head: 057ff00000000002 ffffea0004318601 00000000ffffffff 00000000ffffffff
[  228.312052][ T9867] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  228.315642][ T9867] page dumped because: kasan: bad access detected
[  228.318205][ T9867] page_owner tracks the page as allocated
[  228.320373][ T9867] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 6172, tgid 6171 (syz.1.142), ts 79151926998, free_ts 75418841321
[  228.327818][ T9867]  post_alloc_hook+0x240/0x2a0
[  228.329569][ T9867]  get_page_from_freelist+0x21e4/0x22c0
[  228.331675][ T9867]  __alloc_frozen_pages_noprof+0x181/0x370
[  228.333803][ T9867]  alloc_pages_mpol+0x232/0x4a0
[  228.335585][ T9867]  allocate_slab+0x8a/0x370
[  228.337190][ T9867]  ___slab_alloc+0xbeb/0x1420
[  228.338851][ T9867]  kmem_cache_alloc_noprof+0x283/0x3c0
[  228.340998][ T9867]  xfrm_state_alloc+0x24/0x2f0
[  228.342839][ T9867]  __find_acq_core+0x8a7/0x1c00
[  228.344721][ T9867]  xfrm_find_acq+0x78/0xa0
[  228.346448][ T9867]  xfrm_alloc_userspi+0x6b3/0xc90
[  228.348284][ T9867]  xfrm_user_rcv_msg+0x7a3/0xab0
[  228.350113][ T9867]  netlink_rcv_skb+0x208/0x470
[  228.351770][ T9867]  xfrm_netlink_rcv+0x79/0x90
[  228.353526][ T9867]  netlink_unicast+0x82f/0x9e0
[  228.355211][ T9867]  netlink_sendmsg+0x805/0xb30
[  228.356790][ T9867] page last free pid 5943 tgid 5943 stack trace:
[  228.358981][ T9867]  __free_frozen_pages+0xbc4/0xd30
[  228.360771][ T9867]  __put_partials+0x156/0x1a0
[  228.362323][ T9867]  put_cpu_partial+0x17c/0x250
[  228.364038][ T9867]  __slab_free+0x2d5/0x3c0
[  228.365612][ T9867]  qlist_free_all+0x97/0x140
[  228.367212][ T9867]  kasan_quarantine_reduce+0x148/0x160
[  228.369129][ T9867]  __kasan_slab_alloc+0x22/0x80
[  228.370768][ T9867]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[  228.372572][ T9867]  getname_flags+0xb8/0x540
[  228.374399][ T9867]  __x64_sys_rename+0x5d/0x90
[  228.376341][ T9867]  do_syscall_64+0xfa/0x3b0
[  228.378198][ T9867]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  228.380384][ T9867] 
[  228.381155][ T9867] Memory state around the buggy address:
[  228.382929][ T9867]  ffff88810c617f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  228.386022][ T9867]  ffff88810c618000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  228.388710][ T9867] >ffff88810c618080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  228.391310][ T9867]                                            ^
[  228.393354][ T9867]  ffff88810c618100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  228.396155][ T9867]  ffff88810c618180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  228.398789][ T9867] ==================================================================
[  228.401972][ T9867] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  228.404835][ T9867] CPU: 0 UID: 0 PID: 9867 Comm: syz.1.1537 Not tainted syzkaller #0 PREEMPT(full) 
[  228.408813][ T9867] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  228.413081][ T9867] Call Trace:
[  228.414514][ T9867]  <TASK>
[  228.415803][ T9867]  dump_stack_lvl+0x99/0x250
[  228.417777][ T9867]  ? __asan_memcpy+0x40/0x70
[  228.419752][ T9867]  ? __pfx_dump_stack_lvl+0x10/0x10
[  228.421954][ T9867]  ? __pfx__printk+0x10/0x10
[  228.423986][ T9867]  vpanic+0x281/0x750
[  228.425661][ T9867]  ? __pfx_vpanic+0x10/0x10
[  228.427584][ T9867]  ? irqentry_exit+0x74/0x90
[  228.429540][ T9867]  panic+0xb9/0xc0
[  228.431135][ T9867]  ? __pfx_panic+0x10/0x10
[  228.433030][ T9867]  ? _raw_spin_unlock_irqrestore+0xa8/0x110
[  228.435536][ T9867]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  228.438054][ T9867]  ? xfrm_alloc_spi+0x570/0xf30
[  228.440109][ T9867]  check_panic_on_warn+0x89/0xb0
[  228.442216][ T9867]  ? xfrm_alloc_spi+0x570/0xf30
[  228.444306][ T9867]  end_report+0x78/0x160
[  228.446078][ T9867]  kasan_report+0x129/0x150
[  228.448013][ T9867]  ? xfrm_alloc_spi+0x570/0xf30
[  228.450069][ T9867]  xfrm_alloc_spi+0x570/0xf30
[  228.452062][ T9867]  ? xfrm_alloc_spi+0x2a0/0xf30
[  228.454095][ T9867]  ? __pfx_xfrm_alloc_spi+0x10/0x10
[  228.456282][ T9867]  ? xfrm_find_acq+0x87/0xa0
[  228.458258][ T9867]  xfrm_alloc_userspi+0x70b/0xc90
[  228.460399][ T9867]  ? apparmor_capable+0x137/0x1b0
[  228.462611][ T9867]  ? __pfx_xfrm_alloc_userspi+0x10/0x10
[  228.464978][ T9867]  ? __nla_parse+0x40/0x60
[  228.466944][ T9867]  xfrm_user_rcv_msg+0x7a3/0xab0
[  228.468975][ T9867]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  228.471122][ T9867]  ? __pfx___mutex_trylock_common+0x10/0x10
[  228.473324][ T9867]  ? rcu_is_watching+0x15/0xb0
[  228.475328][ T9867]  ? trace_contention_end+0x39/0x120
[  228.477578][ T9867]  ? __mutex_lock+0x335/0x1350
[  228.479661][ T9867]  netlink_rcv_skb+0x208/0x470
[  228.481714][ T9867]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  228.484089][ T9867]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  228.486350][ T9867]  ? netlink_deliver_tap+0x2e/0x1b0
[  228.488485][ T9867]  ? netlink_deliver_tap+0x2e/0x1b0
[  228.490595][ T9867]  xfrm_netlink_rcv+0x79/0x90
[  228.492392][ T9867]  netlink_unicast+0x82f/0x9e0
[  228.494440][ T9867]  ? __pfx_netlink_unicast+0x10/0x10
[  228.496679][ T9867]  ? netlink_sendmsg+0x642/0xb30
[  228.498761][ T9867]  ? skb_put+0x11b/0x210
[  228.500602][ T9867]  netlink_sendmsg+0x805/0xb30
[  228.502680][ T9867]  ? __pfx_netlink_sendmsg+0x10/0x10
[  228.504932][ T9867]  ? aa_sock_msg_perm+0xf1/0x1d0
[  228.507086][ T9867]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  228.509378][ T9867]  ? __pfx_netlink_sendmsg+0x10/0x10
[  228.511608][ T9867]  __sock_sendmsg+0x21c/0x270
[  228.513662][ T9867]  ____sys_sendmsg+0x505/0x830
[  228.515728][ T9867]  ? __pfx_____sys_sendmsg+0x10/0x10
[  228.518027][ T9867]  ? import_iovec+0x74/0xa0
[  228.519975][ T9867]  ___sys_sendmsg+0x21f/0x2a0
[  228.522008][ T9867]  ? __pfx____sys_sendmsg+0x10/0x10
[  228.523992][ T9867]  ? __fget_files+0x2a/0x420
[  228.525654][ T9867]  ? __fget_files+0x3a0/0x420
[  228.527264][ T9867]  __x64_sys_sendmsg+0x19b/0x260
[  228.529060][ T9867]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  228.530980][ T9867]  ? rcu_is_watching+0x15/0xb0
[  228.533045][ T9867]  ? do_syscall_64+0xbe/0x3b0
[  228.535115][ T9867]  do_syscall_64+0xfa/0x3b0
[  228.537062][ T9867]  ? lockdep_hardirqs_on+0x9c/0x150
[  228.539210][ T9867]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  228.541736][ T9867]  ? exc_page_fault+0x9f/0xf0
[  228.543758][ T9867]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  228.546334][ T9867] RIP: 0033:0x7fbbe058ec29
[  228.548303][ T9867] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  228.555098][ T9867] RSP: 002b:00007fbbe144b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  228.557982][ T9867] RAX: ffffffffffffffda RBX: 00007fbbe07d5fa0 RCX: 00007fbbe058ec29
[  228.560591][ T9867] RDX: 000000000400c8c0 RSI: 0000200000000200 RDI: 0000000000000003
[  228.563193][ T9867] RBP: 00007fbbe0611e41 R08: 0000000000000000 R09: 0000000000000000
[  228.565971][ T9867] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  228.569368][ T9867] R13: 00007fbbe07d6038 R14: 00007fbbe07d5fa0 R15: 00007ffe336121c8
[  228.572760][ T9867]  </TASK>
[  228.574933][ T9867] Kernel Offset: disabled
[  228.576850][ T9867] Rebooting in 86400 seconds..

VM DIAGNOSIS:
10:52:07  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000079 RBX=0000000000000079 RCX=0000000000000000 RDX=00000000000003f8
RSI=00000000000017b4 RDI=00000000000017b5 RBP=00000000000003f8 RSP=ffffc9000312e9f0
R8 =ffff88801fcd0237 R9 =1ffff11003f9a046 R10=dffffc0000000000 R11=ffffffff854fad60
R12=dffffc0000000000 R13=ffffffff99b02901 R14=ffffffff99df7460 R15=0000000000000000
RIP=ffffffff854faddc RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fbbe144b6c0 ffffffff 00c00000
GS =0000 ffff8880b8613000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000200000000200 CR3=0000000120508000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=2525252525252525 2525252525252525
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=6161616161616161 6161616161616161
XMM06=6161616161616161 6161616161616161 XMM07=6161616161616161 6161616161616161
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007fbbe0612fed
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=ffffffff89f84dd9 RBX=ffffc900031cfb60 RCX=ffff888107fe0000 RDX=0000000000000000
RSI=0000000000000000 RDI=0000000000000000 RBP=0000000000000000 RSP=ffffc900031cf9c0
R8 =ffff88802a088e43 R9 =1ffff110054111c8 R10=dffffc0000000000 R11=ffffed10054111c9
R12=ffff888112279d40 R13=1ffff92000639f6c R14=0000000000000000 R15=ffffc900031cfb65
RIP=ffffffff81bfadc7 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f8e85972800 ffffffff 00c00000
GS =0000 ffff8881a3c13000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00005654408d87e8 CR3=00000001089fa000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 0000000000000000 XMM05=0000000000000000 0000000000000000
XMM06=0000000000000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=0000000000000000 0000000000000000 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
